Periodically, Jim Comey invites a group of select journalists in for lunch and eats them alive with his charisma and unsubstantiated claims. The first I noticed came when Comey made some false claims about National Security Letters, without a single journalist correcting him. More recently, Comey claimed FBI had arrested 10 people with ties to ISIS, only two of whom have every publicly appeared.
In this week’s edition, Comey got passionate about a claimed spike in crime.
And in unusually passionate remarks, the FBI director said he was “very concerned about what’s going on now with violent crime and murder rates across the country,” in cities as disparate as Omaha and Milwaukee.
At least in this instance, journalists are getting less credulous, because most (though not CNN) reported that in fact the crime stats released this week show a decline in crime, not a spike, even while they reported that violent crime in “many” cities has spiked.
Newly released federal data suggest a slight dip in violence across the nation in 2014. But Comey said those numbers may not be capturing what’s happening on the ground today. He’s been hearing similar concerns from police chiefs, he said.
Earlier this week, the FBI released data showing violent crime dropped slightly in 2014, but many big city police departments have reported significant jumps in shootings this year compared with last year.
In 2014, the number [of murders in NYC] had dropped to 328 — the lowest number of murders since the New York City Police Department began collecting statistics in 1963.)
None I saw, however, pointed out that the claim of a spike in “many” cities stems from a persistent propaganda effort that has been debunked as cherry-picking. Yes, there are a few cities with alarming spikes in violence, but they should be examined as cities, not as a trend that the FBI’s own data shows is moving in the opposite direction.
In his comments, Comey didn’t endorse the Ferguson effect. But he did say we need to move slowly on criminal justice reform both because of this alleged spike and because crime has gone down (!?!). Still from the HuffPo:
Comey said he didn’t know whether protests against police violence have made it harder for police to do their jobs, a theory that has been dubbed the “Ferguson effect.” “I’m not discounting it, but I just don’t know,” he said, adding that he was “focused on it, trying to figure it out.”
“Some have said police officers aren’t getting out of their cars and talking to gang-bangers on street corners anymore, but I don’t know,” he said. “What I do know is that a whole lot of people are dying. They are, according to the chiefs, overwhelmingly people of color, and we’ve got to care about that.”
The spike in crime made him want to be “thoughtful” on criminal justice reform, Comey added.
“My strong sense is that a significant portion of the change in our world since I was a prosecutor in New York in 1987 is due to law enforcement, but I’m sure there are lots of other things [going on],” he said.
“I just want to make sure that as we reform — first of all, we’re grateful that we actually have the space and time to think and talk about sentencing better, rehabilitating better, and [that] is a product of hard work over the past 25 years — but as we do it, are very, very thoughtful about where we used to be and how we got from that point to here,” Comey said.
As with encryption back doors, the data is not there (on that issue, DOJ simply doesn’t collect data on how often encryption prevents it from accessing data). But that’s not going to stop him from cautioning against criminal justice reform.
At Salon yesterday, I pointed to the most interesting part of the GOP debate on Wednesday — the policy debate over how to deal with addiction. As I point out, one reason this debate is taking place is because New Hampshire is really struggling with heroin addiction right now. But the debate started about pot, not heroin. And even tough on crime candidates like Chris Christie and Jeb Bush struggled to spin their approach as kinder and gentler; Christie pitched his support for decriminalization as another expression of pro-life.
This was the moment, I argued, when the GOP found ways to pitch a more reasonable approach to drugs in GOP ideology (and Rand Paul deserves credit for pushing this).
Even while Christie and Bush, to differing degrees, cling to old-style War on Drug rhetoric, this campaign (and particularly the New Hampshire addiction crisis Bush mentioned) will force real debate about what combination of treatment, decriminalization, legalization, and education might provide some way out of the failed drug war. This discussion framed that dramatic policy shift in rhetoric — states rights and pro life — that Republicans can rally behind.
All this, of course, took place in the Reagan library, the shrine to the man who formally declared the now-failed War on Drugs in 1982. CNN even used his damn plane to ask candidates to project themselves into Reagan’s legacy. “Ronald Reagan, the 40th President, used the plane behind you to accomplish a great many things….How will the world look different once your Air Force One is parked in the hangar of your presidential library?” But one of the most constructive policy discussions in last night’s debate constituted a renunciation, finally, of Reagan’s legacy.
Mind you, the foreign policy and immigration stances of candidates undermines the value of this — few Republicans will give up the excuse of the War on Drugs to big foot in Latin America, no matter how counterproductive that is. And some candidates — such as Trump, who probably hasn’t exactly eschewed drugs all his life — weren’t clamoring to look soft on drugs.
All that said, amid all the talk of starting new wars in the shadow of Saint Ronnie’s plane, I was heartened by a moment that might lead toward ending one.
More generally, the cables seem concerned with measuring the seriousness with which President Felipe Calderón responded to the attack. For example, this partly redacted discussion relays someone’s explanation of Calderón’s instructions the day of the attack.
Then, a cable relaying the public apology Calderón gave four days after the attack included these details, including that the apology was not in his written speech.
A description of Ambassador Anthony Wayne’s meeting with Calderón on early September is mostly redacted (it also includes details of meetings with Mexico’s AG). That description went to — among others — CIA Director David Petraeus, as well as John Brennan (who was still in the White House). And once Enrique Peña Nieto was elected, the Americans seemed pretty enthusiastic about cooperating when them going forward rather than Calderón.
A number of the cables tie the attack closely to the Merida initiative.
Motherboard has an interesting new detail on the Silk Road investigation from a mostly refused FOIA.
The few pages released show the following timeline:
June 1, 2011: Gawker publishes this story describing Silk Road.
The DEA has confirmed they are aware of the site, and while they won’t confirm or deny that an investigation is underway, from my years of experience, I’d bet my bottom dollar in this instance there is one underway,
June 6, 2011: NY Organized Crime Drug Enforcement Strike Force gets tasked with investigating Silk Road.
June 15, 2011: DEA opened a Personal History Report for its investigation into Silk Road
I find the Gawker to Schumer to New York law enforcement to feds very interesting given yesterday’s events.
I’m still reading this report on DEA’s informant program, which shows that DEA operated by its own rules, sometimes resulting in DEA having high level informants that didn’t comply with the Attorney General’s guidelines, at other times resulting in informants engaging in unreviewed otherwise illegal activity, and generally showing inadequate vetting and paperwork.
But here’s an awesome table showing that before 2012, DEA was spending less than a minute reviewing its use of sources.
The report explains:
Based on the aforementioned risks involved with long-term sources, the oversight of these long-term confidential sources is critical to the overall management of the DEA’s Confidential Source Program. Further, the importance of the long-term confidential source reviews requires that the [Sensitive Activity Review Committee] members, including any DOJ representatives, invest an appropriate amount of time and effort evaluating the benefits and risks of the continued use of each long-term confidential source.
We reviewed the DEA’s documented meeting minutes for the SARC meetings conducted specifically for the review of long-term confidential sources that occurred between 2003 and 2012 and found that between 2003 and 2012, the DEA SARC’s reviews of long-term confidential sources appear to have been inadequate and infrequent. The DEA held only 7 SARC meetings during that 9-year period. Moreover, between its meeting in October 2009 and its most recent meeting in July 2014, a nearly 5-year timespan, the SARC met only once, in February 2012.
Although the minutes reflect that starting in 2006, headquarters’ confidential source files were available for SARC members during the formal meetings, there is no indication that any SARC members actually reviewed any of these files. According to this information, between 2003 and 2012, during these formal meetings the SARC devoted what we calculated to be an average of just 1 minute per confidential source to consider the appropriateness of the source’s continued use.
As the table notes, there weren’t always DOJ people present for the review either.
The longer review process reflected in the 2012 meeting reflects a new review process, so hopefully this has been improved (to a whopping 6 minute review of DEA’s long-term relationships with sources).
But for years before that, DEA was spending as little as 13 seconds reviewing the appropriateness of its use of sources.
Yesterday, once and future Sinaloa kingpin Chapo Guzmán escaped from the high security Mexican prison where he had been held since February 2014. He escaped via the same kind of highly developed tunnel system in which Mexican Naval forces, assisted by US Marshals and DEA Agents, found him. Both tunnels provided escapes through the bathroom.
You’d think maybe Mexican officials would have been on the lookout for any tunneling systems that might assist Guzmán.
Already, the Mexican press is calling this an embarrassment for Enrique Peña Nieto (though remember, he seemed rather reluctant to boast of Chapo’s capture when it happened, until the story leaked to the US press).
US officials, who have curiously been granted anonymity to bitch, are complaining that the Mexicans never extradited Guzmán so we could dump him in Florence SuperMax, where he’d be far less likely to escape. The on-the-record statements from people like Attorney General Lynch are much more reserved — though even she makes it clear she wants to bring him here and try him.
I’m at least as interested in what this escape says about the hierarchy of the Mexican drug industry as anything about the legend of Chapo. WaPo’s story — whose reporter is also tweeting some fascinating pictures that show just how predictable this escape should have been — also addressed this somewhat.
Even with Guzman in jail, his Sinaloa organization remained the dominant narcotics smuggling power in Mexico, with trafficking networks that spread across the United States. Guzman’s cartel sends more cocaine and marijuana than any other into the United States, according to DEA officials, and it accounts for more than half of the heroin surging into U.S. communities as overdose deaths skyrocket.
Guzman’s longtime business partner, Ismael “El Mayo” Zambada, was believed to have assumed operational control of the cartel after Guzman’s arrest, though few in Mexico doubted that Chapo continued calling the shots from his maximum-security cell.
That is, Chapo’s arrest seems to have had little affect on the dominance of Sinaloa in the market (which may also suggest some favor from officials). Which will likely lead the decapitation-faithful in US law enforcement agencies to accidentally shoot Guzmán the next time we “help” with an arrest.
Finally, Chapo’s escape has led to predictable tut-tutting about the corruption of Mexico generally and Peña Nieto specifically. Those complaints are true: over time we’re likely to discover that Guzmán had help from inside, if not from even higher-level authorities (the house where his tunnel ended is close to a military base, apparently).
But is the US really in any position to complain? After all, at least under Eric Holder, our government didn’t even try to imprison our transnational crime organization bosses — people like Jamie Dimon and Lloyd Blankfein, men who don’t use the same overt violence that Sinaloa does, but who nevertheless have presided over transnational networks of entrenched crime. Jamie Dimon has never had to hide in a tunnel, in part because DOJ presumed he’d always escape whatever legal efforts we made to keep him there. And one reason we don’t change the underlying law is because our Presidents, of both parties, are just as tied to those criminal TCOs as Peña Nieto and many of his predecessors.
I absolutely agree that Guzmán’s escape reflects the lack of seriousness of some in Mexico about prosecuting him. But that’s not unique to Mexico, not even in North America.
As I noted in this post, the government insists that it did not engage in parallel construction in the case of Shantia Hassanshahi, the Iranian-American busted for sanctions violations using evidence derivative of a search of what the government now claims was a DEA dragnet. “While it would not be improper for a law enforcement agency to take steps to protect the confidentiality of a law enforcement sensitive investigative technique, this case raises no such issue.”
The claim is almost certainly bullshit, true in only the narrowest sense.
Indeed, the changing story the government has offered about how they IDed Hassanshahi based off a single call he had with a phone belonging to a person of interest, “Sheikhi,” in Iran, is instructive not just against the background of the slow reveal of multiple dragnets over the same period. But also for the technological capabilities included in those claims. Basically, the government appears to be claiming they got a VOIP call from a telephony database.
As I lay out below, the story told by the government in various affidavits and declarations (curiously, the version of the first one that appears in the docket is not signed) changed in multiple ways. While there were other changes, the changes I’m most interested in pertain to:
As you can see from the excerpts below, Akronowitz at first claimed to have searched “HSI-accessible law enforcement databases,” plural, and suggested he searched them himself. In July 2014, in response to a motion to suppress (and after Edward Snowden had disclosed the NSA’s phone dragnet), Akronowitz changed that story and said he sent a research request to a single database, implying someone else did a search of just one database. Akronowitz told the same story in yet another revised affidavit submitted last October. In the declaration submitted in December but unsealed in January, DEA Assistant Special Agent Robert Patterson stuck with the single database story and used the passive voice to hide who did the database query.
While Akronowitz’ story didn’t change regarding how he discovered that Hassanshahi’s phone was a Google number, it did get more detailed in the July 2014 affidavit, which explained that he had first checked with another VOIP provider before being referred to Google.
Perhaps most interestingly, the government’s story changed regarding how many calls of interest there were, and between what numbers. In January 2013, Akronowitz said “a number of telephone calls between ‘Sheikhi’s’ known business telephone number and telephone number 818-971-9512 had occurred within a relatively narrow time frame” (though he doesn’t tell us what that time frame was). He also says that his Google subpoena showed “numerous calls to the same Iranian-based telephone number during a relatively finite period of time.” He neither explained that this number was not Sheikhi’s number — it was a different Iranian number — nor what he means by “a relatively finite period of time.” His July and October affidavits said his research showed a contact, “on one occasion, that is, on July 4, 2011,” with Sheikhi’s number. The July affidavit maintained the claim that there were multiple calls between Hassanshahi’s number and an Iranian one: “numerous phone calls between Hassanshahi’s ‘818’ number and one Iranian phone number.” But by October, Akronowitz conceded that the Google records showed only “that Hassanshahi’s ‘818’ number made contact with an Iranian phone number (982144406457) only once, on October 5, 2011” (as well as a “22932293” number that he bizarrely claimed was a call to Iran). Note, Akronowitz’ currently operative story would mean the government never checked whether there were any calls between Hassanshahi and Sheikhi between August 24 and September 6 (or after October 6), which would be rather remarkable. Patterson’s December affidavit provided no details about the date of the single call discovered using what he identified as DEA’s database, but did specify that the call was made by Hassanshahi’s phone, outbound to Iran. (Patterson didn’t address the later Google production, as that was pursuant to a subpoena.)
To sum up, before Edward Snowden’s leaks alerted us to the scope of NSA’s domestic and international dragnet, Akronowitz claimed he personally had searched multiple databases and found evidence of multiple calls between Hassanshahi’s phone number and Sheikhi’s number, as well as (after getting a month of call records from Google) multiple calls to another Iranian number over unspecified periods of time. After Snowden’s leaks alerted us to the dragnet, after Dianne Feinstein made it clear the NSA can search on Iranian targets in the Section 215 database, which somehow counts as a terrorist purpose, and after Eric Holder decided to shut down just the DEA dragnet, Akronowitz changed his story to claim he had found just one call between Hassanshahi and Shiekhi, and — after a few more months — just one call from another Iranian number to Hassanshahi. Then, two months later, the government claimed that the only database that ever got searched was the DEA one (the one that had already been shut down) which — Patterson told us — was based on records obtained from “United States telecommunications service providers” via a subpoena.
Before I go on, consider that the government currently claims it used just a single phone call of interest — and the absence of any additional calls in a later months’s worth of call records collected that fall — to conduct a warrantless search of a laptop in a state (CA) where such searches require warrants, after having previously claimed there was a potentially more interesting set of call records to base that search on.
Aside from the government’s currently operative claim that it would conduct border searches based on the metadata tied to a single phone call, I find all this interesting for two reasons.
First, the government’s story about how many databases got searched and how many calls got found changed in such a way that the only admission of an unconstitutional search to the judge, in December 2014, involved a database that had allegedly been shut down 15 months earlier.
Maybe they’re telling the truth. Or maybe Akronowitz searched or had searched multiple databases — as he first claimed — and found the multiple calls he originally claimed, but then revised his story to match what could have been found in the DEA database. We don’t know, for example, if the DEA database permits “hops,” but he might have found a more interesting call pattern had he been able to examine hops (for example, it might explain his interest in the other phone number in Iran, which otherwise would reflect no more than an immigrant receiving a call from his home country).
All of this is made more interesting because of my second point: the US side of the call in question was an Internet call, a Google call, not a telephony call. Indeed, at least according to Patterson’s declaration (records of this call weren’t turned over in discovery, as far as I can tell), Hassanshahi placed the call, not Sheikhi.
I have no idea how Google calls get routed, but given that Hassanshahi placed the call, there’s a high likelihood that it didn’t cross a telecom provider’s backbone in this country (and god only knows how DEA or NSA would collect Iranian telephony provider records), which is who Patterson suggests the calls came from (though there’s some room for ambiguity in his use of the term “telecommunications service providers”).
USAT’s story on this dragnet suggests the data all comes from telephone companies.
It allowed agents to link the call records its agents gathered domestically with calling data the DEA and intelligence agencies had acquired outside the USA. (In some cases, officials said the DEA paid employees of foreign telecom firms for copies of call logs and subscriber lists.)
Instead of simply asking phone companies for records about calls made by people suspected of drug crimes, the Justice Department began ordering telephone companies to turn over lists of all phone calls from the USA to countries where the government determined drug traffickers operated, current and former officials said.
Former officials said the operation included records from AT&T and other telecom companies.
But if this call really was placed from a Google number, it’s not clear it would come up under such production, even under production of calls that pass through telephone companies’ backbones. That may reflect — if the claims in this case are remotely honest — that the DEA dragnet, at least, gathered call records not just from telecom companies, but also from Internet companies (remember, too, that DOJ’s Inspector General has suggested DEA had or has more than one dragnet, so it may also have been collecting Internet toll records).
And that — coupled with the government’s evolving claims about how many databases got checked and how many calls that research reflected — may suggest something else. Given that the redactions on the providers obliged under the Section 215 phone dragnet orders haven’t changed going back to 2009, when it was fairly clear there were just 3 providers (AT&T, Sprint, and Verizon), it may be safe to assume that’s still all NSA collects from. A never-ending series of leaks have pointed out that the 215 phone dragnet increasingly has gaps in coverage. And this Google call would be precisely the kind of call we would expect it to miss (indeed, that’s consistent with what Verizon Associate General Counsel — and former DOJ National Security Division and FBI Counsel — Michael Woods testified to before the SSCI last year, strongly suggesting the 215 dragnet missed VOIP). So while FISC has approved use of the “terrorist” Section 215 database for the terrorist group, “Iran,” (meaning NSA might actually have been able to query on Sheikhi), we should expect that this call would not be in that database. Mind you, we should also expect NSA’s EO 12333 dragnet — which permits contact chaining on US persons under SPCMA — to include VOIP calls, even with Iran. But depending on what databases someone consulted, we would expect gaps in precisely the places where the government’s story has changed since it decided it had searched only the now-defunct DEA database.
Finally, note that if the government was sufficiently interested in Sheikhi, it could easily have targeted him under PRISM (he did have a GMail account), which would have made any metadata tied to any of his Google identities broadly shareable within the government (though DHS Inspectors would likely have to go through another agency, quite possibly the CIA). PRISM production should return any Internet phone calls (though there’s nothing in the public record to indicate Sheikhi had an Internet phone number). Indeed, the way the NSA’s larger dragnets work, a search on Sheikhi would chain on all his correlated identifiers, including any communications via another number or Internet identifier, and so would chain on whatever collection they had from his GMail address and any other Google services he used (and the USAT described the DEA dragnet as using similarly automated techniques). In other words, when Akronowitz originally said there had been multiple “telephone calls,” he may have instead meant that Sheikhi and Hassanshahi had communicated, via a variety of different identifiers, multiple times as reflected in his search (and given what we know about DEA’s phone dragnet and my suspicion they also had an Internet dragnet, that might have come up just on the DEA dragnets alone).
The point is that each of these dragnets will have slightly different strengths and weaknesses. Given Akronowitz’ original claims, it sounds like he may have consulted dragnets with slightly better coverage than just the DEA phone dragnet — either including a correlated DEA Internet dragnet or a more extensive NSA one — but the government now claims that it only consulted the DEA dragnet and consequently claims it only found one call, a call it should have almost no reason to have an interest in.
Often forgotten in the new reporting on the DEA dragnet is the story of Shantia Hassanshahi, the Iranian-American accused of sanctions violations who was first IDed using the DEA dragnet. That’s a shame, because his case may present real problems not just for the allegedly defunct DEA dragnet, but for the theory behind dragnets generally.
As I laid out in December, as Hassanshahi tried to understand the provenance of his arrest, the story the Homeland Security affiant gave about the database(s) he used to discover Hassanshahi’s ties to Iran in the case changed materially, so Hassanshahi challenged the use of the database and everything derivative of it. The government, which had not yet explained what the database was, asked Judge Rudolph Contreras to assume the database was not constitutional, but to upheld its use and the derivative evidence anyway, which he did. At the same time, however, Contreras required the government to submit an explanation of what the database was, which was subsequently unsealed in January.
Not surprisingly, Hassanshahi challenged the use of a DEA database to find him for a crime completely unrelated to drug trafficking, first at a hearing on January 29. In response to an order from Contreras, the government submitted a filing arguing that Hassanshahi lacks standing to challenge the use of the DEA dragnet against him.
To the extent that defendant seeks to argue that the administrative subpoenas to telephone providers violated the statutory requirements of Section 876(a), he clearly lacks standing to do so. See, e.g., United States v. Miller, 425 U.S. 435, 444 (1976) (“this case is governed by the general rule that the issuance of a subpoena to a third party to obtain the records of that party does not violate the rights of a defendant”); Moffett, 84 F.3d at 1293-94 (defendant could not challenge a Section 876(a) subpoena to third party on the grounds that it exceeded the DEA’s statutory authority).
This is the argument the government currently uses to deny defendants notice on Section 215 use.
The government further argued that precedent permits it to use information acquired for other investigations.
DEA acquired information through use of its own investigatory techniques and for its own narcotics-related law enforcement purposes. DEA shared with HSI a small piece of this information to assist HSI in pursuing a non-narcotics law enforcement investigation. In doing so, DEA acted consistently with the longstanding legal rule that “[e]vidence legally obtained by one police agency may be made available to other such agencies without a warrant, even for a use different from that for which it was originally taken.” Jabara v. Webster, 691 F.2d 272, 277 (6th Cir. 1982) (quotation marks omitted); accord United States v. Joseph, 829 F.2d 724, 727 (9th Cir. 1987).
Applying an analogous principle, the D.C. Circuit has held that querying an existing government database does not constitute a separate Fourth Amendment search: “As the Supreme Court has held, the process of matching one piece of personal information against government records does not implicate the Fourth Amendment.” Johnson v. Quander, 440 F.3d 489, 498 (D.C. Cir. 2006) (citing Arizona v. Hicks, 480 U.S. 321 (1987)). The D.C. Circuit observed that a contrary rule would impose “staggering” consequences, placing “an intolerable burden” on law enforcement if each query of a government database “were subject to Fourth Amendment challenges.” Id. at 499.
This is a version of the argument the government has used to be able to do back door searches of Section 702 data.
It also argued there was no suppression remedy included in 21 USC 876, again a parallel argument it has made in likely Section 215 cases.
Finally, it also argued, in passing, that its parallel construction was permissible because, “While it would not be improper for a law enforcement agency to take steps to protect the confidentiality of a law enforcement sensitive investigative technique, this case raises no such issue.” No parallel construction happened, it claims, in spite of changing stories in the DHS affidavit.
Yesterday, Hassanshahi responded. (h/t SC) In it, his attorneys distinguished the use of the DEA dragnet for purposes not permitted by the law — a systematic violation of the law, they argue — from the use of properly collected data in other investigations.
Title 21 USC § 876 allows the government to serve an administrative subpoena in connection with a purely drug enforcement investigation. Government has systematically violated this statute for over a decade by using the subpoena process to secretly gather a database of telephony information on all Americans, and then utilizing the database (while disguising its source) in all manner of investigations in all fields not related to drugs at all.
This was not a one-time or negligent statutory violation that happened to uncover evidence of another crime, or even the sharing of information legitimately gathered for one purpose with another agency. Cf. Johnson v. Quander, 440 F.3d 489 (D.C.Cir. 2006) (government may use DNA profiles gathered pursuant to and in conformance with statute for other investigations). By its very nature, the gathering of telephony information was repeated and systematic, as was the making available of the database to all government agencies, and all aspects of the scheme (from gathering to dissemination outside drug investigations) violated the statute.
But more importantly, Hassanshahi pointed to the government’s request — from before they were ordered to ‘fess up about this dragnet — that the Judge assume this dragnet was unconstitutional, to argue the government has already ceded the question of standing.
Defendant herein submits that a systematic statutory violation, or a program whose purpose is to violate the statute continuously over decades, presents a case of first impression not governed by Sanchez-Llamas or other government cases.
But the Court need not reach the novel issue because in the instant case, the government already conceded that use of the database was a constitutional violation of Mr. Hassanshahi’s rights. Indeed the Court asked this Court to assume the constitutional violation. Mem. Dec. p. 9. Where there is a statutory violation plus an individual constitutional violation, the evidence shall be suppressed even under government’s cited cases.
Government now argues Mr. Hassanshahi “lacks standing” to contest the statutory violation. Again, government forgets it previously conceded that use of the database was unconstitutional, meaning unconstitutional as to defendant (otherwise the concession was meaningless and afforded no grounds to withhold information). Mr. Hassanshahi obviously has standing to assert a conceded constitutional violation. [emphasis original]
In short, Hassanshahi is making a challenge to the logic behind this and a number of other dragnets, or demanding the judge suppress the evidence against him (which would almost certainly result in dismissal of the case).
We’ll see how Contraras responds to all this, but given that he has let it get this far, he may be sympathetic to this argument.
In which case, things would get fun pretty quickly. Because you’d have a defendant with standing arguing not just that the use of the DEA dragnet for non-DEA uses was unconstitutional, but also that all the arguments that underly the use of the phone dragnet and back door searches were unconstitutional. And he’d be doing so in the one circuit with a precedent on mosaic collection that could quickly get implicated here. This case, far more than even the ACLU lawsuit against the Section 215 database (but especially the Smith and Klayman challenges), and even than Basaaly Moalin’s challenge to the use of the 215 dragnet against him, would present real problems for the claims to dragnet legally.
In other words, if this challenge were to go anywhere, it would present big problems not only for other uses of the DEA dragnet, but also, possibly, for the NSA dragnets.
Mind you, there is no chance in hell the government would let it get that far. They’d settle with Hassanshahi long before they permitted that to happen in a bid to find a way to bury this DEA dragnet once and for all and retain their related arguments for use with the NSA dragnets and related collection.
But we might get the dragnetters sweat just a bit.
In a piece on the DEA dragnet the other day, Julian Sanchez made an important point. The existence of the DEA dragnet — and FBI’s use of it in previous terrorist attacks — destroys what little validity was left of the claim that NSA needed the Section 215 dragnet after 9/11 to close a so-called “gap” they had between a safe house phone in Yemen and plotters in the US (though an international EO 12333 database would have already proven that wrong).
First, the program’s defenders often suggest that had we only had some kind of bulk telephone database, the perpetrators of the 9/11 attacks could have been identified via their calls to a known safehouse in Yemen. Now, of course, we know that there was such a database—and indeed, a database that had already been employed in other counterterror investigations, including the 1995 Oklahoma City bombing. It does not appear to have helped.
But the DEA dragnet is even more damning for another set of claims, and for another terrorist attack such dragnets failed to prevent: former DEA informant David Headley, one of the key planners of the 2008 Mumbai attack.
As ProPublica extensively reported in 2013, Headley first got involved in Lashkar-e-Taiba while he remained on the DEA’s payroll, at a time when he was targeting Pakistani traffickers. Indeed, after 9/11, his DEA handler called him for information on al Qaeda. All this time, Headley was working phone based sources.
Headley returned to New York and resumed work for the DEA in early 2000. That April, he went undercover in an operation against Pakistani traffickers that resulted in the seizure of a kilo of heroin, according to the senior DEA official.
At the same time, Headley immersed himself in the ideology of Lashkar-i-Taiba. He took trips to Pakistan without permission of the U.S. authorities. And in the winter of 2000, he met Hafiz Saeed, the spiritual leader of Lashkar.
Saeed had built his group into a proxy army of the Pakistani security forces, which cultivated militant groups in the struggle against India. Lashkar was an ally of al Qaeda, but it was not illegal in Pakistan or the United States at the time.
Headley later testified that he told his DEA handler about his views about the disputed territory of Kashmir, Lashkar’s main battleground. But the senior DEA official insisted that agents did not know about his travel to Pakistan or notice his radicalization.
On Sept. 6, 2001, Headley signed up to work another year as a DEA informant, according to the senior DEA official.
On Sept. 12, Headley’s DEA handler called him.
Agents were canvassing sources for information on the al Qaeda attacks of the day before. Headley angrily said he was an American and would have told the agent if he knew anything, according to the senior DEA official.
Headley began collecting counterterror intelligence, according to his testimony and the senior DEA official. He worked sources in Pakistan by phone, getting numbers for drug traffickers and Islamic extremists, according to his testimony and U.S. officials.
Even at this early stage, the FBI had a warning about Headley, via his then girlfriend who warned a bartender Headley had cheered the 9/11 attack; the bartender passed on the tip. And Headley was providing the DEA — which already had a dragnet in place — phone data on his contacts, including Islamic extremists, in Pakistan.
ProPublica’s sources provide good reason to believe DEA, possibly with the FBI, sent Headley to Pakistan even after that tip, and remained an informant until at least 2005.
So the DEA (or whatever agency had sent him) not only should have been able to track Headley and those he was talking to using their dragnet, but they were using him to get phone contacts they could track (and my understanding is that agreeing to be an informant amounts to consent to have your calls monitored, though see this post on the possible “defeat” of informant identifiers).
Maybe. And/or maybe Headley taught his co-conspirators how to avoid detection.
Of course, Headley could have just protected some of the most interesting phone contacts of his associates (but again, DEA should have tracked who he was talking to if they were using him to collect telephony intelligence).
More importantly, he may have alerted Laskar-e-Taiba to phone-based surveillance.
In a December joint article with the NYT, ProPublica provided details on how one of Headley’s co-conspirators, Zarrar Shah, set up a New Jersey-based VOIP service so it would appear that their calls were originating in New Jersey.
Not long after the British gained access to his communications, Mr. Shah contacted a New Jersey company, posing online as an Indian reseller of telephone services named Kharak Singh, purporting to be based in Mumbai. His Indian persona started haggling over the price of a voice-over-Internet phone service — also known as VoIP — that had been chosen because it would make calls between Pakistan and the terrorists in Mumbai appear as if they were originating in Austria and New Jersey.
“its not first time in my life i am perchasing in this VOIP business,” Mr. Shah wrote in shaky English, to an official with the New Jersey-based company when he thought the asking price was too high, the GCHQ documents show. “i am using these services from 2 years.”
Mr. Shah had begun researching the VoIP systems, online security, and ways to hide his communications as early as mid-September, according to the documents.
Eventually Mr. Shah did set up the VoIP service through the New Jersey company, ensuring that many of his calls to the terrorists would bear the area code 201, concealing their actual origin.
We have reason to believe that VOIP is one of the gaps in all domestic-international dragnets that agencies are just now beginning to close. And by proxying through the US, those calls would have been treated as US person calls (though given the clear foreign intelligence purpose, they would have met any retention guidelines, though may have been partly blocked in CIA’s dragnet). While there’s no reason to believe that Headley knew that, he likely knew what kind of phone records his handlers had been most interested in.
But it shouldn’t have mattered. As the article makes clear, GCHQ not only collected the VOIP communications, but Shah’s communications as he set them up.
I’ve been arguing for years that if dragnet champions want to claim they work, they need to explain why they point to Headley as a success story because they prevented his planned attack on a Danish newspaper, when they failed to prevent the even more complex Mumbai attack. Nevertheless, they did claim it — or at least strongly suggest it — as a success, as in FBI Acting Assistant Director Robert Holley’s sworn declaration in Klayman v. Obama.
In October 2009, David Coleman Headley, a Chicago businessman and dual U.S. and Pakistani citizen, was arrested by the FBI as he tried to depart from Chicago O’Hare airport on a trip to Pakistan. At the time of his arrest, Headley and his colleagues, at the behest of al-Qa’ida, were plotting to attack the Danish newspaper that published cartoons depicting the Prophet Mohammed. Headley was later charged with support for terrorism based on his involvement in the planning and reconnaissance for the 2008 hotel attack in Mumbai. Collection against foreign terrorists and telephony metadata analysis were utilized in tandem with FBI law enforcement authorities to establish Headley’s foreign ties and put them in context with his U.S. based planning efforts.
That said, note how Holley doesn’t specifically invoke Section 215 (or, for that matter, Section 702, which the FBI had earlier claimed they used against Headley)?
Now compare that to what the Privacy and Civil Liberties Oversight Board said about the use of Section 215 against Headley.
In October 2009, Chicago resident David Coleman Headley was arrested and charged for his role in plotting to attack the Danish newspaper that published inflammatory cartoons of the Prophet Mohammed. He was later charged with helping orchestrate the 2008 Mumbai hotel attack, in collaboration with the Pakistan-based militant group Lashkar-e-Taiba. He pled guilty and began cooperating with authorities.
Headley, who had previously served as an informant for the Drug Enforcement Agency, was identified by law enforcement as involved in terrorism through means that did not involve Section 215. Further investigation, also not involving Section 215, provided insight into the activities of his overseas associates. In addition, Section 215 records were queried by the NSA, which passed on telephone numbers to the FBI as leads. Those numbers, however, only corroborated data about telephone calls that the FBI obtained independently through other authorities.
Thus, we are aware of no indication that bulk collection of telephone records through Section 215 made any significant contribution to the David Coleman Headley investigation.
First, by invoking Headley’s role as an informant, PCLOB found reason to focus on DEA right before they repeatedly point to other authorities: Headley was IDed by “law enforcement” via means that did not involve 215, his collaborators were identified via means that did not involve 215, and when they finally did query 215, they only “corroborated data about telephone calls that the FBI had obtained independently through other authorities.”
While PCLOB doesn’t say any of these other authorities are DEA’s dragnet, all of them could be (though some of them could also be NSA’s EO 12333 dragnet, or whatever dragnet CIA runs, or GCHQ collection, or Section 702, or — some of them — FBI NSL-based collection, or tips). What does seem even more clear now than when PCLOB released this is that NSA was trying to claim credit for someone else’s dragnet, so much so that even the FBI itself was hedging claims when making sworn declarations.
Of course, whatever dragnet it was that identified Headley’s role in Laskar-e-Taiba, even the DEA’s own dragnet failed to identify him in the planning stage for the larger of the attacks.
If the DEA’s own dragnet can’t find its own informant plotting with people he’s identified in intelligence reports, how successful is any dragnet going to be?
I’ve been laying this explanation out since USA Today provided new details on DEA’s International Dragnet, but it’s clear it needs to be done in more systematic fashion, because really smart people continue to mistakenly treat the Section 215 database as the analogue to the DEA dragnet described by USAT, which it’s not. There are at least five known telecommunications dragnets (some of which appear to integrate other kinds of metadata, especially Internet metadata). Here’s a quick guide to what is known about each (click to enlarge, let me know of corrections/additions, I will do running updates to make this more useful):
When people think about the NSA dragnet they mistakenly think exclusively of Section 215. That is probably the result of a deliberate strategy from the government, but it leads to gross misunderstanding on many levels. As Richard Clarke said in Congressional testimony last year, Section “215 produces a small percentage of the overall data that’s collected.”
Like DEA, NSA has a dragnet of international phone calls, including calls into the United States. This is presumably limited only by technical capability, meaning the only thing excluded from this dragnet are calls NSA either doesn’t want or that it can’t get overseas (and note, some domestic cell phone data may be available offshore because of roaming requirements). David Kris has said that what collection of this comes from domestic providers comes under 18 U.S.C. § 2511(2)(f). And this dragnet is not just calls: it is also a whole slew of Internet data (because of the structure of the Internet, this will include a great deal of US person data). And it surely includes a lot of other data points, almost certainly including location data. Analysts can probably access Five Eyes and other intelligence partner data, though this likely includes additional restrictions.
There are, within this dragnet, two sets of procedures for accessing it. There is straight EO 12333, which appears to defeat US person data (so if you’re contact chaining and a known US person is included in the chain, you won’t see it). This collection requires only a foreign intelligence purpose (which counternarcotics is explicitly included in). Standard NSA minimization procedures apply, which — given that this is not supposed to include US person data — are very permissive.
Starting in 2008 (and probably before 2004, at least as part of Stellar Wind), specially-trained analysts are also permitted to include US persons in the contact chaining they do on EO 12333 data, under an authority call “SPCMA” for “special procedures.” They can’t target Americans, but they can analyze and share US person data (and NSA has coached analysts how to target a foreign entity to get to the underlying US data). This would be treated under NSA’s minimization procedures, meaning US person data may get masked unless there’s a need for it. Very importantly, this chaining is not and never was limited to counterterrorism purposes — it only requires a foreign intelligence purpose. Particularly because so much metadata on Americans is available overseas, this means NSA can do a great deal of analysis on Americans without any suspicion of criminal ties.
Both of these authorities appear to link right into other automatic functions, including things like matching identities (such that it would track “emptywheel” across all the places I use that as my uniquename) and linking directly up to content, if it has been collected.
Then there is the Section 215 dragnet, which prior to 2006 was conducted with telecoms voluntarily producing data but got moved to Section 215 thereafter; there is a still-active Jack Goldsmith OLC opinion that says the government does not need any additional statutory authorization for the dragnet (though telecoms aside from AT&T would likely be reluctant to do so now without liability protection and compensation).
Until 2009, the distinctions between NSA’s EO 12333 data and Section 215 were not maintained. Indeed, in early 2008 “for purposes of analytical efficiency,” the Section 215 data got dumped in with the EO 12333 data and it appears the government didn’t even track data source (which FISC made them start doing by tagging each discrete piece of data in 2009), and so couldn’t apply the Section 215 rules as required. Thus, until 2009, the Section 215 data was subjected to the automatic analysis the EO 12333 still is. That was shut down in 2009, though the government kept trying to find a way to resume such automatic analysis. It never succeeded and finally gave up last year, literally on the day the Administration announced its decision to move the data to the telecoms.
The Section 215 phone dragnet can only be used for counterterrorism purposes and any data that gets disseminated outside of those cleared for BRFISA (as the authority is called inside NSA) must be certified as to that CT purpose. US person identifiers targeted in the dragnet must first be reviewed to ensure they’re not targeted exclusively for First Amendment reasons. Since last year, FISC has pre-approved all identifiers used for chaining except under emergencies. Though note: Most US persons approved for FISA content warrants are automatically approved for Section 215 chaining (I believe this is done to facilitate the analysis of the content being collected).
Two very important and almost universally overlooked points. First, analysts access (or accessed, at least until 2011) BRFISA data from the very same computer interface as they do EO 12333 data (see above, which would have dated prior to the end of 2011). Before a chaining session, they just enter what data repositories they want access to and are approved for, and their analysis will pull from all those repositories. Chaining off data from more than one repository is called a “federated” query. And the contact chaining they got — at least as recently as 2011, anyway — also included data from both EO 12333 collection and Section 215 collection, both mixed in together. Importantly, data with one-end in foreign will be redundant, collected under both EO 12333 and 215. Indeed, a training program from 2011 trained analysts to re-run BRFISA queries that could be replicated under EO 12333 so they could be shared more permissively. That said, a footnote (see footnote 13) in phone dragnet orders that has mostly remained redacted appears to impose the BRFISA handling rules on any data comingled with it, so this may limit (or have imposed new more recent limits) on contact chaining between authorities.
As I noted, NSA shut down the automatic features on BRFISA data in 2009. But once data comes back in a query, it can be subjected to NSA’s “full range of analytical tradecraft,” as every phone dragnet order explains. Thus, while the majority of Americans who don’t come up in a query don’t get subjected to more intrusive analysis, if you’re 3 hops (now 2) from someone of interest, you can be — everything, indefinitely. I would expect that to include trolling all of NSA’s collected data to see if any of your other identifiable data comes up in interesting ways. That’s a ton of innocent people who get sucked into NSA’s maw and will continue to even after/if the phone dragnet moves to the providers.
As I said, the analogue to the program described by the USA Today, dubbed USTO, is not the Section 215 database, but instead the EO 12333 database (indeed, USAT describes that DEA included entirely foreign metadata in their database as well). The data in this program provided by domestic providers came under 21 USC 876 — basically the drug war equivalent of the Section 215 “tangible things” provision. An DEA declaration in the Shantia Hassanshahi case claims it only provides base metadata, but it doesn’t specify whether that includes or excludes location. As USAT describes (and would have to be the case for Hassanshahi to be busted for sanctions violations using it, not to mention FBI’s success at stalling of DOJ IG’s investigation into it), this database came to be used for other than counternarcotics purposes (note, this should have implications for EO 12333, which I’ll get back to). And, as USAT also described, like the NSA dragnet, the USTO also linked right into automatic analysis (and, I’m willing to bet good money, tracked multiple types of metadata). As USAT describes, DEA did far more queries of this database than of the Section 215 dragnet, but that’s not analogous; the proper comparison would be with NSA’s 12333 dragnet, and I would bet the numbers are at least comparable (if you can even count these automated chaining processes anymore). DEA says this database got shut down in 2013 and claims the data was purged. DEA also likely would like to sell you the Brooklyn Bridge real cheap.
There’s also a domestic drug-specific dragnet, Hemisphere, that was first exposed by a NYT article. This is not actually a DEA database at all. Rather, it is a program under the drug czar that makes enhanced telecom data available for drug purposes, while the records appear to stay with the telecom.
This seems to have been evolving since 2007 (which may mark when telecoms stopped turning over domestic call records for a range of purposes). At one point, it pulled off multiple providers’ networks, but more recently it has pulled only off AT&T’s networks (which I suspect is increasingly what has happened with the Section 215 phone dragnet).
But the very important feature of Hemisphere — particularly as compared to its analogue, the Section 215 dragnet — is that the telecoms perform the same kind of analysis they would do for their own purposes. This includes using location data and matching burner phones (though this is surely one of the automated functions included in NSA’s EO 12333 dragnet and DEA’s USTO). Thus, by keeping the data at the telecoms, the government appears to be able to do more sophisticated kinds of analysis on domestic data, even if it does so by accessing fewer records.
That is surely the instructive motivation behind Obama’s decision to “let” NSA move data back to the telecoms. It’d like to achieve what it can under Hemisphere, but with data from all telecom providers rather than just AT&T.
At least as the NSA documents concerning ICREACH tell it, CIA and DEA jointly developed a sharing platform called PROTON that surely overlaps with USTO in significant ways. But PROTON appeared to reside with CIA (and FBI and NSA were late additions to the PROTON sharing). PROTON included CIA specific metadata (that is, not telecommunications metadata but rather metadata tracking their own HUMINT). But in 2006 (these things all started to change around that time), NSA made a bid to become the premiere partner here with ICREACH, supporting more types of metadata and sharing it with international partners.
So we don’t know what CIA’s own dragnet looks like, just that it has one, one not bound to just telecommunications.
In addition, CIA has a foreign intelligence equivalent of Hemisphere, where it pays AT&T to “voluntarily” hand over data that is at least one-end foreign (and masks the US side unless the record gets referred to FBI).
Finally, CIA can “upload or transfer some or all” of the metadata that it pulls off of raw PRISM data received under 702 into its other databases. While this has to be targeted off a foreign target, that surely includes a lot of US person data, and metadata including Internet based calls, photos, as well as emails. CIA does a lot of metadata queries for other entities (other IC agencies? foreign partners? who knows!), and they don’t count it, so they are clearly doing a lot of it.
As far as we know, FBI does not have a true “bulk” dragnet, sucking up all the phone or Internet records for the US or foreign switches. But it surely has fairly massive metadata repositories itself.
Until 2006, it did, however, have something almost identical to what we understand Hemisphere to be, all the major telecoms, sitting onsite, ready to do sophisticated analysis of numbers offered up on a post-it note, with legal process to follow (maybe) if anything nifty got turned over. Under this program, AT&T offered some bells and whistles, included “communities of interest” that included at least one hop. That all started to get moved offsite in 2006, when DOJ’s IG pointed out that it didn’t comply with the law, but all the telecoms originally contracted (AT&T and the companies that now comprise Verizon, at least), remained on contract to provide those services albeit offsite for a few years. In 2009, one of the telecoms (which is likely part or all of Verizon) pulled out, meaning it no longer has a contract to provide records in response to NSLs and other process in the form the FBI pays it to.
FBI also would have a database of the records it has collected using NSLs and subpoenas (I’ll go look up the name shortly), going back decades. Plus, FBI, like CIA, can “upload or transfer some or all” of the metadata that it pulls off of raw PRISM data received under 702. So FBI has its own bulky database, but all of the data in it should have come in in relatively intentional if not targeted fashion. What FBI does have should date back much longer than NSA’s Section 215 database (30 years for national security data) and, under the new Section 309 restrictions on EO 12333 data, even NSA’s larger dragnet. On top of that, AT&T still provides 7 bells and whistles that are secret and that go beyond a plain language definition of what they should turn over in response to an NSL under ECPA (which probably parallel what we see going on in Hemisphere). In its Section 215 report, PCLOB was quite clear that FBI almost always got the information that could have come out of the Section 215 dragnet via NSLs and its other authorities, so it seems to be doing quite well obtaining what it needs without collecting all the data everywhere, though there are abundant reasons to worry that the control functions in FBI’s bulky databases are craptastic compared to what NSA must follow.