A Guide to the 5+ Known Intelligence Community Telecommunications Metadata Dragnets

I’ve been laying this explanation out since USA Today provided new details on DEA’s International Dragnet, but it’s clear it needs to be done in more systematic fashion, because really smart people continue to mistakenly treat the Section 215 database as the analogue to the DEA dragnet described by USAT, which it’s not. There are at least five known telecommunications dragnets (some of which appear to integrate other kinds of metadata, especially Internet metadata). Here’s a quick guide to what is known about each (click to enlarge, let me know of corrections/additions, I will do running updates to make this more useful):

150410 Dragnets

NSA, International

When people think about the NSA dragnet they mistakenly think exclusively of Section 215. That is probably the result of a deliberate strategy from the government, but it leads to gross misunderstanding on many levels. As Richard Clarke said in Congressional testimony last year, Section “215 produces a small percentage of the overall data that’s collected.”

Like DEA, NSA has a dragnet of international phone calls, including calls into the United States. This is presumably limited only by technical capability, meaning the only thing excluded from this dragnet are calls NSA either doesn’t want or that it can’t get overseas (and note, some domestic cell phone data may be available offshore because of roaming requirements). David Kris has said that what collection of this comes from domestic providers comes under 18 U.S.C. § 2511(2)(f). And this dragnet is not just calls: it is also a whole slew of Internet data (because of the structure of the Internet, this will include a great deal of US person data). And it surely includes a lot of other data points, almost certainly including location data. Analysts can probably access Five Eyes and other intelligence partner data, though this likely includes additional restrictions.

There are, within this dragnet, two sets of procedures for accessing it. There is straight EO 12333, which appears to defeat US person data (so if you’re contact chaining and a known US person is included in the chain, you won’t see it). This collection requires only a foreign intelligence purpose (which counternarcotics is explicitly included in). Standard NSA minimization procedures apply, which — given that this is not supposed to include US person data — are very permissive.

Starting in 2008 (and probably before 2004, at least as part of Stellar Wind), specially-trained analysts are also permitted to include US persons in the contact chaining they do on EO 12333 data, under an authority call “SPCMA” for “special procedures.” They can’t target Americans, but they can analyze and share US person data (and NSA has coached analysts how to target a foreign entity to get to the underlying US data). This would be treated under NSA’s minimization procedures, meaning US person data may get masked unless there’s a need for it. Very importantly, this chaining is not and never was limited to counterterrorism purposes — it only requires a foreign intelligence purpose. Particularly because so much metadata on Americans is available overseas, this means NSA can do a great deal of analysis on Americans without any suspicion of criminal ties.

Both of these authorities appear to link right into other automatic functions, including things like matching identities (such that it would track “emptywheel” across all the places I use that as my uniquename) and linking directly up to content, if it has been collected.

NSA, Domestic

Screen Shot 2014-02-16 at 10.42.09 PM Then there is the Section 215 dragnet, which prior to 2006 was conducted with telecoms voluntarily producing data but got moved to Section 215 thereafter; there is a still-active Jack Goldsmith OLC opinion that says the government does not need any additional statutory authorization for the dragnet (though telecoms aside from AT&T would likely be reluctant to do so now without liability protection and compensation).

Until 2009, the distinctions between NSA’s EO 12333 data and Section 215 were not maintained. Indeed, in early 2008 “for purposes of analytical efficiency,” the Section 215 data got dumped in with the EO 12333 data and it appears the government didn’t even track data source (which FISC made them start doing by tagging each discrete piece of data in 2009), and so couldn’t apply the Section 215 rules as required.  Thus, until 2009, the Section 215 data was subjected to the automatic analysis the EO 12333 still is. That was shut down in 2009, though the government kept trying to find a way to resume such automatic analysis. It never succeeded and finally gave up last year, literally on the day the Administration announced its decision to move the data to the telecoms.

The Section 215 phone dragnet can only be used for counterterrorism purposes and any data that gets disseminated outside of those cleared for BRFISA (as the authority is called inside NSA) must be certified as to that CT purpose. US person identifiers targeted in the dragnet must first be reviewed to ensure they’re not targeted exclusively for First Amendment reasons. Since last year, FISC has pre-approved all identifiers used for chaining except under emergencies. Though note: Most US persons approved for FISA content warrants are automatically approved for Section 215 chaining (I believe this is done to facilitate the analysis of the content being collected).

Two very important and almost universally overlooked points. First, analysts access (or accessed, at least until 2011) BRFISA data from the very same computer interface as they do EO 12333 data (see above, which would have dated prior to the end of 2011). Before a chaining session, they just enter what data repositories they want access to and are approved for, and their analysis will pull from all those repositories. Chaining off data from more than one repository is called a “federated” query. And the contact chaining they got — at least as recently as 2011, anyway — also included data from both EO 12333 collection and Section 215 collection, both mixed in together. Importantly, data with one-end in foreign will be redundant, collected under both EO 12333 and 215. Indeed, a training program from 2011 trained analysts to re-run BRFISA queries that could be replicated under EO 12333 so they could be shared more permissively. That said, a footnote (see footnote 13) in phone dragnet orders that has mostly remained redacted appears to impose the BRFISA handling rules on any data comingled with it, so this may limit (or have imposed new more recent limits) on contact chaining between authorities.

As I noted, NSA shut down the automatic features on BRFISA data in 2009. But once data comes back in a query, it can be subjected to NSA’s “full range of analytical tradecraft,” as every phone dragnet order explains. Thus, while the majority of Americans who don’t come up in a query don’t get subjected to more intrusive analysis, if you’re 3 hops (now 2) from someone of interest, you can be — everything, indefinitely. I would expect that to include trolling all of NSA’s collected data to see if any of your other identifiable data comes up in interesting ways. That’s a ton of innocent people who get sucked into NSA’s maw and will continue to even after/if the phone dragnet moves to the providers.

DEA, International

As I said, the analogue to the program described by the USA Today, dubbed USTO, is not the Section 215 database, but instead the EO 12333 database (indeed, USAT describes that DEA included entirely foreign metadata in their database as well). The data in this program provided by domestic providers came under 21 USC 876 — basically the drug war equivalent of the Section 215 “tangible things” provision. An DEA declaration in the Shantia Hassanshahi case claims it only provides base metadata, but it doesn’t specify whether that includes or excludes location.  As USAT describes (and would have to be the case for Hassanshahi to be busted for sanctions violations using it, not to mention FBI’s success at stalling of DOJ IG’s investigation into it), this database came to be used for other than counternarcotics purposes (note, this should have implications for EO 12333, which I’ll get back to). And, as USAT also described, like the NSA dragnet, the USTO also linked right into automatic analysis (and, I’m willing to bet good money, tracked multiple types of metadata). As USAT describes, DEA did far more queries of this database than of the Section 215 dragnet, but that’s not analogous; the proper comparison would be with NSA’s 12333 dragnet, and I would bet the numbers are at least comparable (if you can even count these automated chaining processes anymore). DEA says this database got shut down in 2013 and claims the data was purged. DEA also likely would like to sell you the Brooklyn Bridge real cheap.

DEA, Domestic

There’s also a domestic drug-specific dragnet, Hemisphere, that was first exposed by a NYT article. This is not actually a DEA database at all. Rather, it is a program under the drug czar that makes enhanced telecom data available for drug purposes, while the records appear to stay with the telecom.

This seems to have been evolving since 2007 (which may mark when telecoms stopped turning over domestic call records for a range of purposes).  At one point, it pulled off multiple providers’ networks, but more recently it has pulled only off AT&T’s networks (which I suspect is increasingly what has happened with the Section 215 phone dragnet).

But the very important feature of Hemisphere — particularly as compared to its analogue, the Section 215 dragnet — is that the telecoms perform the same kind of analysis they would do for their own purposes. This includes using location data and matching burner phones (though this is surely one of the automated functions included in NSA’s EO 12333 dragnet and DEA’s USTO). Thus, by keeping the data at the telecoms, the government appears to be able to do more sophisticated kinds of analysis on domestic data, even if it does so by accessing fewer records.

That is surely the instructive motivation behind Obama’s decision to “let” NSA move data back to the telecoms. It’d like to achieve what it can under Hemisphere, but with data from all telecom providers rather than just AT&T.

CIA

At least as the NSA documents concerning ICREACH tell it, CIA and DEA jointly developed a sharing platform called PROTON that surely overlaps with USTO in significant ways. But PROTON appeared to reside with CIA (and FBI and NSA were late additions to the PROTON sharing). PROTON included CIA specific metadata (that is, not telecommunications metadata but rather metadata tracking their own HUMINT).  But in 2006 (these things all started to change around that time), NSA made a bid to become the premiere partner here with ICREACH, supporting more types of metadata and sharing it with international partners.

So we don’t know what CIA’s own dragnet looks like, just that it has one, one not bound to just telecommunications.

In addition, CIA has a foreign intelligence equivalent of Hemisphere, where it pays AT&T to “voluntarily” hand over data that is at least one-end foreign (and masks the US side unless the record gets referred to FBI).

Finally, CIA can “upload or transfer some or all” of the metadata that it pulls off of raw PRISM data received under 702 into its other databases. While this has to be targeted off a foreign target, that surely includes a lot of US person data, and metadata including Internet based calls, photos, as well as emails. CIA does a lot of metadata queries for other entities (other IC agencies? foreign partners? who knows!), and they don’t count it, so they are clearly doing a lot of it.

FBI

As far as we know, FBI does not have a true “bulk” dragnet, sucking up all the phone or Internet records for the US or foreign switches. But it surely has fairly massive metadata repositories itself.

Until 2006, it did, however, have something almost identical to what we understand Hemisphere to be, all the major telecoms, sitting onsite, ready to do sophisticated analysis of numbers offered up on a post-it note, with legal process to follow (maybe) if anything nifty got turned over. Under this program, AT&T offered some bells and whistles, included “communities of interest” that included at least one hop. That all started to get moved offsite in 2006, when DOJ’s IG pointed out that it didn’t comply with the law, but all the telecoms originally contracted (AT&T and the companies that now comprise Verizon, at least), remained on contract to provide those services albeit offsite for a few years. In 2009, one of the telecoms (which is likely part or all of Verizon) pulled out, meaning it no longer has a contract to provide records in response to NSLs and other process in the form the FBI pays it to.

FBI also would have a database of the records it has collected using NSLs and subpoenas (I’ll go look up the name shortly), going back decades. Plus, FBI, like CIA, can “upload or transfer some or all” of the metadata that it pulls off of raw PRISM data received under 702. So FBI has its own bulky database, but all of the data in it should have come in in relatively intentional if not targeted fashion. What FBI does have should date back much longer than NSA’s Section 215 database (30 years for national security data) and, under the new Section 309 restrictions on EO 12333 data, even NSA’s larger dragnet. On top of that, AT&T still provides 7 bells and whistles that are secret and that go beyond a plain language definition of what they should turn over in response to an NSL under ECPA (which probably parallel what we see going on in Hemisphere). In its Section 215 report, PCLOB was quite clear that FBI almost always got the information that could have come out of the Section 215 dragnet via NSLs and its other authorities, so it seems to be doing quite well obtaining what it needs without collecting all the data everywhere, though there are abundant reasons to worry that the control functions in FBI’s bulky databases are craptastic compared to what NSA must follow.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

“Information Is No Longer Being Collected in Bulk [Pursuant to 21 U.S.C. § 876]”

Given the details in yesterday’s USAT story on DEA’s dragnet, I wanted to re-examine the DEA declaration revealing details of the phone dragnet in the Shantia Hassanshahi case which I wrote about here. As I noted then, there’s a footnote modifying the claim that the database in question “was suspended in September 2013” that is entirely redacted. And the declaration only states that “information is no longer being collected in bulk pursuant to 21 U.S.C. §876,” not that it is no longer being collected.

According to the USAT, DEA moved this collection to more targeted subpoenas that may number in the thousands.

The DEA asked the Justice Department to restart the surveillance program in December 2013. It withdrew that request when agents came up with a new solution. Every day, the agency assembles a list of the telephone numbers its agents suspect may be tied to drug trafficking. Each day, it sends electronic subpoenas — sometimes listing more than a thousand numbers — to telephone companies seeking logs of international telephone calls linked to those numbers, two official familiar with the program said.

The data collection that results is more targeted but slower and more expensive. Agents said it takes a day or more to pull together communication profiles that used to take minutes.

We should expect this move occurred either in the second half of 2013 (after the dragnet first got shut down) or the first half of 2014 (after DEA backed off its request to restart the draget). And we should expect these numbers to show in the telecoms transparency reports.

But they don’t — or don’t appear to.

Both AT&T and Verizon reported their 2013 numbers for the entire year. They both broke out their 2014 numbers semiannually. (Verizon; AT&T 2013AT&T 2014; h/t Matt Cagle, who first got me looking at these numbers)

Here are the numbers for all subpoenas (see correction below):

Screen Shot 2015-04-08 at 1.50.32 PM

Both companies show a decrease in overall criminal subpoenas from 2013 to 2014. And while Verizon shows a continued decline, AT&T’s subpoena numbers went back up in the second half of 2014, but still lower than half of 2013’s numbers.

In any case, both companies report at least 15% fewer subpoenas in 2014, at a time when — according to what USAT got told — they should have been getting thousands of extra subpoenas a day.

It is possible what we’re seeing is just the decreased utility of phone records. As the USAT notes, criminals are increasingly using messaging platforms that use the Internet rather than telecoms.

But it’s possible the DEA’s dragnet went somewhere else entirely.

Though USAT doesn’t mention it (comparing instead with the Section 215 dragnet, which is not a comparable program because it, like Hemisphere as far as we know, focuses solely on domestic records), the NSA has an even bigger phone and Internet dragnet that collects on drug targets. Indeed, President Obama included “transnational criminal threats” among the uses permitted for data collected in bulk under PPD-28, which he issued January 17, 2014. So literally weeks after DEA supposedly moved to subpoena-based collection in December 2013, the President reiterated support for using NSA (or, indeed, any part of the Intelligence Community) bulk collections to pursue transnational crime, of which drug cartels are the most threatening.

There is no technical reason to need to collect this data in the US. Indeed, given the value of location data, the government is better off collecting it overseas to avoid coverage under US v. Jones. Moreover, as absolutely crummy as DOJ is about disclosing these kinds of subpoenas, it has disclosed them, whereas it continues to refuse to disclose any collection under EO 12333.

Perhaps it is the case that DEA really replaced its dragnet with targeted collection. Or perhaps it simply moved it under a new shell, EO 12333 collection, where it will remain better hidden.

Update: I realized I had used criminal subpoenas for AT&T, but not for Verizon (which doesn’t break out criminal and civil). Moreover, it’s not clear whether the telecoms would consider these criminal or civil subpoenas.

I also realized one other possible explanation why these don’t show up in the numbers. USAT reports that DEA uses subpoenas including thousands of numbers, whereas they used to use a subpoena to get all the records. That is, the telecoms may count each of these subpoenas as just one subpoena, regardless of whether it obtains 200 million or 1,000 numbers. Which would have truly horrifying implications for “Transparency.”

Update: There would be limitations to relying on the NSA’s database (though DEA could create its own for countries of particular interest). First, DEA could not search for US person identifiers without Attorney General approval (though under SPMCA, it could conduct chaining it knew to include US persons). Also, as of August 2014, at least, NSA wasn’t sharing raw EO 12333 data with other agencies, per this Charlie Savage story.

The N.S.A. is also permitted to search the 12333 storehouse using keywords likely to bring up Americans’ messages. Such searches must have “foreign intelligence” purposes, so analysts cannot hunt for ordinary criminal activity.

For now, the N.S.A. does not share raw 12333 intercepts with other agencies, like the F.B.I. or the C.I.A., to search for their own purposes. But the administration is drafting new internal guidelines that could permit such sharing, officials said.

That said, it’s clear that NSA shares metadata under ICREACH with other agencies, explicitly including DEA.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

DEA Likely Has More than One Dragnet

As yesterday’s USAT story on the DEA dragnet reported, DOJ’s Inspector General is investigating DEA’s dragnet. I first reported that in April 2014.

As I also reported in February, FBI is obstructing that investigation — so much so, that DOJ’s Inspector General Michael Horowitz encouraged Congress to start using appropriations to force it to stop.

The unfulfilled information request that causes the OIG to make this report was sent to the FBI on November 20,2014. Since that time, the FBI has made a partial production in this matter, and there have been multiple discussions between the OIG and the FBI about this request, resulting in the OIG setting a final deadline for production of all material of February 13,2015.

On February 12, 2015, the FBI informed the OIG that it would not be able to produce the remaining records by the deadline. The FBI gave an estimate of 1-2 weeks to complete the production but did not commit to do so by a date certain. The reason for the FBI’s inability to meet the prior deadline set by the OIG for production is the FBI’s desire to continue its review of emails requested by the OIG to determine whether they contain any information which the FBI maintains the OIG is not legally entitled to access, such as grand jury, Title III electronic surveillance, and Fair Credit Reporting Act information.

DOJ IG’s comments about this investigation are worth reconsideration for two reasons.

First, FBI’s obstruction of the investigation emphasize what we already knew from the Shantia Hassanshahi case (via which we first learned about this database). The FBI is (was) also using this database, and for purposes that far exceed counter-narcotics (Hassanshahi was busted for sanctions violations). And, as the Homeland Security investigator’s dramatically changing stories about how he first identified Hassanshahi suggest, for each of those usages, there’s likely some kind of parallel construction going on.

How many cases have been based off this giant dragnet?

But also look at how DOJ’s IG has described this investigation.

Administrative Subpoenas

The OIG is examining the DEA’s use of administrative subpoenas to obtain broad collections of data or information. The review will address the legal authority for the acquisition or use of these data collections; the existence and effectiveness of any policies and procedural safeguards established with respect to the collection, use, and retention of the data; the creation, dissemination, and usefulness of any products generated from the data; and the use of “parallel construction” or other techniques to protect the confidentiality of these programs.

DOJ IG is investigation DEA’s use of subpoenas to obtain broad collections of data or information. Its review will address the legal authority underlying these data collections.

Collections, plural.

Admittedly, we already know of two DEA dragnets: the international dragnet described by the USAT, and the domestic one — Hemisphere — though that resides at least partially with the White House Drug Czar.

But the authority used in the USAT dragnet, 21 USC 876, is the drug equivalent of Section 215, permitting the agency to obtain “tangible things” relevant to (that phrase again) an investigation. We know FBI used equivalent language under Section 215 to collect financial and Internet records as well.

Hell, the DEA couldn’t very well track drug cartels without following the money, via whatever means. Plus, we know cartels have used things like travelers checks and gift cards to move money in recent years.

So I would be willing to bet more than a few quarters that DOJ IG’s use of the term “collections” suggests there’s more than just these telecom dragnets hiding somewhere.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Everything in the War on Terror Came from the War on Drugs

bmaz has long insisted, correctly, that all the tricks they have used in the war on terror came first from the war on drugs.

The USA Today’s Brad Heath demonstrates how true that is with a blockbuster story on a DEA dragnet, called the USTO, of US to international calls covering up to 116 countries that operated similarly to the NSA dragnet. It dates back to the last days of Poppy Bush’s administration. And key figures — especially Robert Mueller, but also Eric Holder — played roles in it in their earlier Executive Branch careers. And, no surprise, the DEA never gave discovery on the collection to defendants.

Definitely read the whole thing. But I’m particularly interested in the last paragraphs, which explain what happened to it. After Snowden exposed the NSA version of the dragnet (which includes the US, as well as foreign countries) and the government kept arguing that was justified because of its special intelligence purpose, the claims they made to justify the DEA dragnet started to fall apart. Plus, it has become less useful anyway, now that more people use the Intertoobz.

It was made abundantly clear that they couldn’t defend both programs,” a former Justice Department official said. Others said Holder’s message was more direct. “He said he didn’t think we should have that information,” a former DEA official said.

By then, agents said USTO was suffering from diminishing returns. More criminals — especially the sophisticated cartel operatives the agency targeted — were communicating on Internet messaging systems that are harder for law enforcement to track.

Still, the shutdown took a toll, officials said. “It has had a major impact on investigations,” one former DEA official said.

The DEA asked the Justice Department to restart the surveillance program in December 2013. It withdrew that request when agents came up with a new solution. Every day, the agency assembles a list of the telephone numbers its agents suspect may be tied to drug trafficking. Each day, it sends electronic subpoenas — sometimes listing more than a thousand numbers — to telephone companies seeking logs of international telephone calls linked to those numbers, two official familiar with the program said.

The data collection that results is more targeted but slower and more expensive. Agents said it takes a day or more to pull together communication profiles that used to take minutes.

This lesson is instructive for the NSA dragnet. It points to one reason why the NSA dragnet may not get all the “calls” it wants: because of messaging that bypasses the telecom backbone. And it shows that an alternative approach can be used.

 

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

American Hegemony: Delivering “Unpredictable Instability” the World Over

I love Global Threat Hearings and curse you Richard Burr for holding the Senate Intelligence Committee’s hearing in secret.

At least John McCain had the courage to invite James Clapper for what might have been (but weren’t) hard questions in public in front of Senate Armed Services Committee Thursday.

Clapper started with a comment that was not prominent in (though it definitely underscored) his written testimony (Update: Here’s the transcript of his as-delivered statement.)

Unpredictable instability is the new normal.The year 2014 saw the highest rate of political instability since 1992. The most deaths as a result of state-sponsored mass killings since the early 1990s. And the highest number of refugees and internally displaced persons (or IDPs) since World War II. Roughly half of the world’s currently stable countries are at some risk of instability over the next two years.

It’s a damning catalog. All the more so given that the US has been the world’s unquestioned hegemon since that period in the early 1990s when everything has been getting worse, since that period when the first President Bush promised a thousand points of light.

And while the US can’t be held responsible for all the instability in the world right now, it owns a lot of it: serial invasions in the Middle East and the coddling of Israel account for many of the refugees (though there’s no telling what would have happened with the hundred thousand killed and millions of refugees in Syria had the second President Bush not invaded Iraq, had he taken Bashar al-Assad up on an offer to partner against al Qaeda, had we managed the aftermath of the Arab Spring differently).

US-backed neoliberalism and austerity — and the underlying bank crisis that provided the excuse for it — has contributed to instability elsewhere, and probably underlies those countries that Clapper thinks might grow unstable in the next year.

We’re already seeing instability arising from climate change; the US owns some of the blame for that, and more for squandering its leadership role on foreign adventures rather than pushing a solution to that more urgent problem (Clapper, by the way, thinks climate change is a problem but unlike Obama doesn’t consider it the most serious one).

There are, obviously, a lot of other things going on. Clapper talked admiringly of China’s modernization of its military, driven by domestically developed programs, an obvious development when a country becomes the manufacturing powerhouse of the world. But China’s growing influence comes largely in the wake of, and in part because of, stupid choices the US has made.

There was, predictably, a lot of discussion about cyberthreats, even featuring Senate Intelligence Committee member Angus King arguing we need an offensive threat (we’ve got one — and have been launching pre-emptive strikes for 9 years now — as he would know if he paid attention to briefings or read the Intercept or the New York Times) to deter others from attacking us with cyberweapons.

Almost everyone at the hearing wanted to talk about Iran, without realizing that a peace deal with it would finally take a step towards more stability (until our allies the Saudis start getting belligerent as a result).

Still, even in spite of the fact that Clapper started with this inventory of instability, there seemed zero awareness of what a damning indictment that is for the world’s hegemon. Before we address all these other problems, shouldn’t we focus some analysis on why American hegemony went so badly wrong?

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

FBI Now Holding Up Michael Horowitz’ Investigation into the DEA

Man, at some point Congress is going to have to declare the FBI legally contemptuous and throw them in jail.

They continue to refuse to cooperate with DOJ’s Inspector General, as they have been for basically 5 years. But in Michael Horowitz’ latest complaint to Congress, he adds a new spin: FBI is not only obstructing his investigation of the FBI’s management impaired surveillance, now FBI is obstructing his investigation of DEA’s management impaired surveillance.

I first reported on DOJ IG’s investigation into DEA’s dragnet databases last April. At that point, the only dragnet we knew about was Hemisphere, which DEA uses to obtain years of phone records as well as location data and other details, before it them parallel constructs that data out of a defendant’s reach.

But since then, we’ve learned of what the government claims to be another database — that used to identify Shantia Hassanshahi in an Iranian sanctions case. After some delay, the government revealed that this was another dragnet, including just international calls. It claims that this database was suspended in September 2013 (around the time Hemisphere became public) and that it is no longer obtaining bulk records for it.

According to the latest installment of Michael Horowitz’ complaints about FBI obstruction, he tried to obtain records on the DEA databases on November 20, 2014 (of note, during the period when the government was still refusing to tell even Judge Rudolph Contreras what the database implicating Hassanshahi was). FBI slow-walked production, but promised to provide everything to Horowitz by February 13, 2015. FBI has decided it has to keep reviewing the emails in question to see if there is grand jury, Title III electronic surveillance, and Fair Credit Reporting Act materials, which are the same categories of stuff FBI has refused in the past. So Horowitz is pointing to the language tied to DOJ’s appropriations for FY 2015 which (basically) defunded FBI obstruction.

Only FBI continues to obstruct.

There’s one more question about this. As noted, this investigation is supposed to be about DEA’s databases. We’ve already seen that FBI uses Hemisphere (when I asked FBI for comment in advance of this February 4, 2014 article on FBI obstinance, Hemisphere was the one thing they refused all comment on). And obviously, FBI access another DEA database to go after Hassanshahi.

So that may be the only reason why Horowitz needs the FBI’s cooperation to investigate the DEA’s dragnets.

Plus, assuming FBI is parallel constructing these dragnets just like DEA is, I can understand why they’d want to withhold grand jury information, which would make that clear.

Still, I can’t help but wonder — as I have in the past — whether these dragnets are all connected, a constantly moving shell game.

That might explain why FBI is so intent on obstructing Horowitz again.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Loretta Lynch Is A Dubious Nominee For Attorney General

CryingJusticeLoretta Lynch is an excellent nominee for Attorney General, and her prior actions in whitewashing the blatant and rampant criminality of HSBC should not be held against her, because she didn’t know that at the time she last whitewashed that criminal enterprise, right?

No. Nothing could be further from the truth.

This is a cop out by Lynch’s advocates. Lynch either knew, or damn well should have known. She signed off on the HSBC Deferred Prosecution Agreement (DPA), if she was less than fully informed, that is on her. That is what signing legal documents stands for….responsibility. Banks like HSBC, Credit Suisse, ING etc were, and still are, a cesspool of criminal activity and avoidance schemes. Willful blindness to the same old bankster crimes by Lynch doesn’t cut it (great piece by David Dayen by the way).

But, all the above ignores the Swiss Alps sized mountains of evidence that we know Lynch was aware of and blithely swept under the rug by her HSBC DPA. So, we are basically left to decide whether Lynch is a bankster loving toady that is her own woman and cravenly whitewashed this all on her own, or whether she is a clueless stooge taking orders to whitewash it by DOJ Main. Both views are terminally unattractive and emblematic of the oblivious, turn the other cheek to protect the monied class, rot that infects the Department of Justice on the crimes of the century to date.

And that is only scratching the real surface of my objections to Lynch. There are many other areas where Lynch has proven herself to be a dedicated, dyed in the wool “law and order adherent” and, as Marcy Wheeler artfully coined, “executive maximalist”. Lynch’s ridiculous contortion, and expansion, of extraterritorial jurisdiction to suit the convenient whims of the Obama Administration’s unparalleled assault on the Rule of Law in the war on terror is incredibly troubling. Though, to be fair, EDNY is the landing point of JFK International and a frequent jurisdiction by designation. Some of these same questions could have been asked of Preet Bharara (see, e.g. U.S. v. Warsame) Loretta Lynch has every bit the same, if not indeed more, skin in the game as Bharara, whether by choice or chance.

Lynch has never uttered a word in dissent from this ridiculous expansion of extraterritorial jurisdiction. Lynch’s record in this regard is crystal clear from cases like US v. Ahmed, Yousef, et. al. where even Lynch and her office acknowledged that their targets could not have “posed a specific threat to the United States” much less have committed specific acts against the US.

This unconscionable expansion is clearly all good by Lynch, and the ends justify the means because there might be “scary terrists” out there. That is just dandy by American “executive maximalists”, but it is toxic to the Rule of Law, both domestically and internationally (See, supra). If the US, and its putative Attorney General, are to set precedents in jurisdictional reach on common alleged terroristic support, then they ought live by them on seminal concerns like torture and war crimes under international legal norms. Loretta Lynch has demonstrated a proclivity for the convenience of the former and a toady like disdain for the latter.

And the same willingness to go along to get along with contortion of the Rule of Law in that regard seems beyond certain to extend to her treatment of surveillance issues and warrant applications, state secrets, over-classification, attack on the press and, critically, separation of powers issues. Those types of concerns, along with how the Civil Rights Division is utilized to rein in out of control militarized cops and voting rights issues, how the OLC stands up to Executive overreach, whether OPR is allowed to continue to shield disgraceful and unethical AUSAs, and whether she has the balls to stand up to the infamously insulated inner Obama circle in the White House. Do you really think Loretta Lynch would have backed up Carolyn Krass and OLC in telling Obama no on the Libyan War Powers Resolution issue?

For my part, I don’t think there is a chance in hell Lynch would have stood up to Obama on a war powers, nor any other critical issue, and that is a huge problem. Krass and Holder may have lost the Libyan WPR battle, but at least they had the guts to stand up and say no, and leave a record of the same for posterity.

That is what really counts, not the tripe being discussed in the press, and the typically preening clown show “hearing” in front of SJC. That is where the rubber meets the road for an AG nominee, not that she simply put away some mobsters and did not disgrace herself – well, beyond the above, anyway (which she absolutely did) – during her time as US Attorney in EDNY. If you are a participant in, or interested observer of, the criminal justice system as I am, we should aspire to something better than Eric Holder. Holder may not have been everything hoped for from an Obama AG when the Administration took office in January of 2009, but he was a breath of fresh air coming off the AG line of the Bush/Cheney regime. Loretta Lynch is not better, and is not forward progress from Holder, indeed she is several steps down in the wrong direction. That is not the way to go.

The fact that Loretta Lynch is celebrated as a great nominee by not just Democrats in general, but the so called progressives in specific, is embarrassing. She is absolutely horrible. If Bush had put her up for nomination, people of the progressive ilk, far and wide, would be screaming bloody murder. Well, she is the same person, and she is a terrible nominee. And that does not bode well for the Rule of Law over the remainder of the Obama Administration.

And this post has not even touched on more mundane, day to day, criminal law and procedure issues on which Lynch is terrible. And horrible regression from Eric Holder. Say for instance pot. Decriminalization, indeed legalization, of marijuana is one of the backbone elements of reducing both the jail and prison incarceration rate, especially in relation to minorities. Loretta Lynch is unconscionably against that (See, e.g., p. 49 (of pdf) et. seq.). Lynch appears no more enlightened on other sentencing and prison reform, indeed, she seems to be of a standard hard core prosecutorial wind up law and order lock em up mentality. Lynch’s positions on relentless Brady violations by the DOJ were equally milquetoast, if not pathetic (See, e.g. p. 203 (of pdf) et. seq.). This discussion could go on and on, but Loretta Lynch will never come out to be a better nominee for Attorney General.

Observers ought stop and think about the legal quality, or lack thereof, of the nominee they are blindly endorsing. If you want more enlightened criminal justice policy, to really combat the prison state and war on drugs, and to rein in the out of control security state and war on terror apparatus, Loretta Lynch is a patently terrible choice; we can, and should, do better.

Bmaz is a rather large saguaro cactus in the Southwestern Sonoran desert. A lover of the Constitution, law, family, sports, food and spirits. As you might imagine, a bit prickly occasionally. Bmaz has attended all three state universities in Arizona, with both undergraduate and graduate degrees from Arizona State University, and with significant post-graduate work (in physics and organic chemistry, go figure) at both the University of Colorado in Boulder and the University of Arizona. Married, with both a lovely child and a giant Sasquatch dog. Bmaz has been a participant on the internet since the early 2000’s, including active participation in the precursor to Emptywheel, The Next Hurrah. Formally joined the Emptywheel blog as an original contributing member at its founding in 2007. Bmaz grew up around politics, education, sports and, most significantly, cars; notably around Formula One racing and Concours de Elegance automobile restoration and showing. Currently lives in the Cactus Patch with his lovely wife and beast of a dog, and practices both criminal and civil trial law.

Remember, the President’s Review Group Consulted with ATF

In a follow-up to its release on the DEA’s use of a license plate reader database the other day, ACLU reveals an email that shows ATF in Phoenix considered using the database to track people leaving gun shows in April 2009.

The April 2009 email states that “DEA Phoenix Division Office is working closely with ATF on attacking the guns going to [redacted] and the gun shows, to include programs/operation with LPRs at the gun shows.” The government redacted the rest of the email, but when we received this document we concluded that these agencies used license plate readers to collect information about law-abiding citizens attending gun shows. An automatic license plate reader cannot distinguish between people transporting illegal guns and those transporting legal guns, or no guns at all; it only documents the presence of any car driving to the event. Mere attendance at a gun show, it appeared, would have been enough to have one’s presence noted in a DEA database.

Responding to inquiries about the document, the DEA said that the monitoring of gun shows was merely a proposal and was never implemented.

Given the timing, location, and target — 2009, Arizona, and legal permanent residents, or Green Card holders — this consideration intersects interestingly with Fast and Furious.

But don’t worry, DEA says, this was just a consideration, tracking the movements of legal gun show attendees didn’t really happen.

All that said, I couldn’t help but remember that among the more obvious intelligence agencies the President’s Review Group into the NSA consulted in 2013 was ATF, which suggests that ATF is using at least some of the nifty toys NSA is using. As I noted at the time, that may be quite explicable, in that Section 215 has been used to track explosives precursors (and probably has been used to track acetone and hydrogen peroxide — where are TATP precursors, fertilizer, and maybe even pressure cookers).

But the fact that ATF is considering tapping into other agencies dragnets does raise further questions for me about why the PRG would need to consult with ATF.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Double Duty Dragnets

A few weeks back, I emphasized that the dragnet the government admitted to using in the Shantia Hassanshahi case (and issued a narrow claim to have shut down) was a drug database. That is, a dragnet purportedly created to track drug trafficking had been used to police sanctions.

Yesterday, the WSJ broke the story revealed by documents liberated by an ACLU FOIA. One point made in both hasn’t received enough emphasis. A 2009 document revealed that asset forfeiture was one of the primary goals of the program.

The Pilot National LPR Initiative has received enormous support from all several government and law enforcement entities and multiple request have been made to connect LPR devices from state and local law enforcement. In anticipation of the Pilot National LPR Initiative being utilized by all of DEA as well as Federal, State, and Local law enforcement throughout the United States, we must insure we can collect, manage, and maintain to the highest standards all data from the system as well as every other aspect of the LPR system. DEA has designed this program to assist with locating, identifying, and seizing bulk currency, guns, and other illicit contraband moving along the southwest border and throughout the United States. With that said, we want to insure we can collect and manage all the data and IT responsibilities that will come with the work to insure the program meets its goals, of which asset forfeiture is primary.

Funny. This passage doesn’t mention drugs at all. On the contrary, this is about seizing things of value — not drugs — so the law enforcement agency can profit.

 

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Government’s Database Arbitrage

I have long believed that the government put Iran on its list of approved target countries under the Section 215 dragnet not to use for counterterrorism purposes (the terror Iran seems to have sponsored of late is largely US generated), but instead to support sanctions.

Yesterday, the government claimed it has been using a drug trafficking database (one described differently than Hemisphere) to support sanctions on Iran.

At least that’s the implication of the declaration unsealed in the Shantia Hassanshahi case submitted in response to the judge’s order for more information on how it had identified the defendant.

This database [redacted] consisted of telecommunications metadata obtained from United States telecommunications service providers pursuant to administrative subpoenas served upon the service providers under the provisions of 21 U.S.C. § 876. This metadata related to international telephone calls originating in the United States and calling [redacted] designated foreign countries, one of which was Iran, that were determined to have a demonstrated nexus to international drug trafficking and related criminal activities. This metadata consisted exclusively of the initiating telephone number; the receiving telephone number; the date, time, and duration of the call; and the method by which the call was billed. No subscriber information or other personal identifying information was included in this database. No communication content was included in this database.

In other words it’s just like the Section 215 phone dragnet (and different in a few ways from Hemisphere, the drug-related database collecting US calls), but collected under 21 USC 876, the drug war’s version of Section 215 tangible things provision, rather than Section 215. And they used it to go after sanctions violators, not drug traffickers.

The declaration goes on to say that this database got shut down — at least, shut down under this authority — in September 2013.

Use of the [redacted] database [redacted] that returned the 818 number was suspended in September 2013.1 This database [redacted] is no longer being queried for investigatory purposes, and information is no longer being collected in bulk pursuant to 21 U.S.C. § 876.

1 [5+ lines redacted]

The NYT broke the story of Hemisphere on September 1, 2013, so the month this thing was shut down. September 2013 is also, conveniently enough, the month Hassanshahi was arrested.

But of course, the declaration doesn’t even say it was shut down. There’s the redacted footnote, saying who knows what about the suspension. And the declaration only says this stuff isn’t collected in bulk under 21 USC 876, not that it’s not being conducted in bulk.

Maybe the government has finally moved its Iran sanction phone dragnet under Treasury sanctions authorities, where it should be?

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.