How to Spy on Carter Page

I have no personal knowledge of the circumstances surrounding the alleged wiretapping of Carter Page, aside from what WaPo and NYT have reported. But, in part because the release of the new, annual FISC report has created a lot of confusion, I wanted to talk about the legal authorities that might have been involved, as a way of demonstrating (my understanding, anyway, of) how FISA works.

FISC did not (necessarily) reject more individual orders last year

First, let’s talk about what the FISC report is. It is a new report, mandated by the USA Freedom Act. As the report itself notes, because it is new (a report covering the period after passage of USAF), it can’t be compared with past years. More importantly, because the FISA Court uses a different (and generally more informative) reporting approach, you cannot — as both privacy groups and journalists erroneously have — compare these numbers with the DOJ report that has been submitted for years (or even the I Con the Record report that ODNI has released since the Snowden leaks); that’s effectively an apples to grapefruit comparison. Those reports should be out this week, which (unless the executive changes its reporting method) will tell us how last year compared with previous years.

But comparing last year’s report to the report from the post-USAF part of 2015 doesn’t sustain a claim that last year had record rejections. If we were to annualize last year’s report (covering June to December 2015) showing 5 rejected 1805/1824 orders (those are the individual orders often called “traditional FISA”) across roughly 7 months, it is actually more (.71 rejected orders a month or .58% of all individual content applications) than the 8 rejected 1805/1824 orders last year (.67 rejected orders a month or .53% of all individual content applications). In 2016, the FISC also rejected an 1861 order (better known as Section 215), but we shouldn’t make too much of that either given that that authority changed significantly near the end of 2015, plus we don’t have this counting methodology for previous years (as an example, 2009 almost surely would have at least one partial rejection of an entire bulk order, when Reggie Walton refused production of Sprint records in the summertime).

Which is a long-winded way of saying we should not assume that the number of traditional content order rejections reflects the reports that FBI applied for orders on four Trump associates but got rejected (or maybe only got one approved for Page). As far as we can tell from this report, 2016 had a similar number of what FISC qualifies as rejections as 2015.

The non-approval of Section 702 certificates has no bearing on any Russian-related spying, which means Page would be subject to back door searches

Nor should my observation — that the FISC did not approve any certifications for 1881a (better known as Section 702, which covers both upstream and PRISM) reflect on any Carter Page surveillance. Given past practice when issues delayed approvals of certifications, it is all but certain FISC just extended the existing certifications approved in 2015 until the matters that resulted in an at least 2 month delay were resolved.

Moreover, the fact that the number of certificates (which is probably four) is redacted doesn’t mean anything either: it was redacted last year as well. That number would be interesting because it would permit us to track any expansions in the application of FISA 702 to new uses (perhaps to cover cybersecurity, or transnational crime, for example). But the number of certificates pertains to the number of people targeted only insofar as any additional certificates represent one more purpose to use Section 702 on.

In any case, Snowden documents, among other things, show that a “foreign government” certificate has long been among the existing certificates. So we should assume that the NSA has collected the conversations of known or suspected Russian spies located overseas conducted on PRISM providers; we should also assume that as a counterintelligence issue implicating domestic issues, these intercepts are routinely shared in raw form with FBI. Therefore, unless last year’s delay involved FBI’s back door searches, we should assume that when the FBI started focusing on Carter Page again last spring or summer, they would have routinely searched on his known email addresses and phone numbers in a federated search and found any PRISM communications collected. In the same back door search, they would have also found any conversations Page had with Russians targeted domestically, such as Sergey Kislyak.

The import of the breakdown between 1805 and 1824

Perhaps the most important granular detail in this report — one that has significant import for Carter Page — is the way the report breaks down authorizations for 1805 and 1824.

1805 covers electronic surveillance — so the intercept of data in motion. It might be used to collect phone calls and other telephony communication, as well as (perhaps?) email communication collected via upstream collection (that is, non-PRISM Internet communication that is not encrypted); it may well also cover prospective PRISM and other stored communication collection. 1824 covers “physical search,” which when it was instituted probably covered primarily the search of physical premises, like a house or storage unit. But it now also covers the search of stored communication, such as someone’s Gmail or Dropbox accounts. In addition, a physical search FISA order covers the search of hard drives on electronic devices.

As we can see for the first time with these reports, most individual orders cover both 1805 and 1824 (92% last year, 88% in 2015), but some will do just one or another. (I wonder if FBI sometimes gets one kind of order to acquire evidence to get the other kind?)

As filings in the Keith Gartenlaub case make clear, “physical search” conducted under a FISA order can be far more expansive than the already overly expansive searches of devices under a Title III warrant. Using a FISA 1824 order, FBI Agents snuck into Gartenlaub’s house and imaged the hard drives from a number of his devices, ostensibly looking for proof he was spying on Boeing for China. They found no evidence to support that. They did, however, find some 9-year old child pornography files, which the government then “refound” under a criminal search warrant and used to prosecute him. Among the things Gartenlaub is challenging on appeal is the breadth of that original FISA search.

Consider how this would work with Carter Page. The NYT story on the Page order makes it clear that FBI waited until Page had left the Trump campaign before it requested an order covering him.

The Foreign Intelligence Surveillance Court issued the warrant, the official said, after investigators determined that Mr. Page was no longer part of the Trump campaign, which began distancing itself from him in early August.

I suspect this is a very self-serving description on the part of FBI sources, particularly given reports that FISC refused orders on others. But regardless of whether FISC or the FBI was the entity showing discretion, let’s just assume that someone was distinguishing any communications Page may have had while he was formally tied to the campaign from those he had after — or before.

This is a critical distinction for stored communications because (as the Gartenlaub case makes clear) a search of a hard drive can provide evidence of completely unrelated crime that occurred nine years in the past; in Gartenlaub’s case, they reportedly used it to try to get him to spy on China and they likely would do the equivalent for Page if they found anything. For Page, a search of his devices or stored emails in September 2016 would include emails from during his service on Trump’s campaign, as well as emails between the time Page was interviewed by FBI on suspicion of being recruited by Victor Podobnyy and the time he started on the campaign, as well as communications going back well before that. So if FISC (or, more generously, the FBI) were trying to exclude materials from during the campaign, that might involve restrictions built into the request or the final order

The report covering 2016 for the first time distinguishes between orders FISC modifies (FISC interprets this term more broadly than DOJ has in its reports) and orders FISC partly denies. FISC will modify an order to, among other things,

(1) impos[e] a new reporting requirement or modifying one proposed by the government;

(2)  chang[e] the description or specification of a targeted person, of a facility to be subjected to electronic surveillance or of property to be searched;

(3)  modify[] the minimization procedures proposed by the government; or

(4)  shorten[] the duration of some or all of the authorities requested

Using Page as an example, if the FISC were permitting FBI to obtain communications from before the time Page joined the campaign but not during it, it might modify an order to require additional minimization procedures to ensure that none of those campaign communications were viewed by the FBI.

The FISC report explains that the court will partly deny orders and “by approving some targets, some facilities, places, premises, property or specific selection terms, and/or some forms of collection, but not others.” Again, using Page as an example, if the court wanted to really protect the election related communications, it might permit a search of Page’s homes and offices under 1824, but not his hard drives, making any historic searches impossible.

There’s still no public explanation of how Section 704/Section 705b work, which would impact Page

Finally, the surveillance of Carter Page implicates an issue that has been widely discussed during and since passage of the FISA Amendments Act in 2008, but not in a way that fully supports a democratic debate: how NSA spies on Americans overseas.

Obviously, the FBI would want to spy on Page both while he was in the US, but especially when he was traveling abroad, most notably on his frequent trips to Russia.

The FISA Amendments Act for the first time required the NSA to obtain FISC approval before doing that. As I explain in this post, for years, public debate has claimed that was done under Section 703 (1881b in this report). But abundant evidence shows it is all done under 704 (1881c in this report). The biggest difference between the two, according to an internal NSA document, is the government doesn’t explain its methods in the latter case. With someone who would be spied on both in the US and overseas, that spying would be done under 705b (conducted under 1881d section b), which permits the AG to approve of spying overseas (effectively, 704 authority) for those already approved under a traditional order.

This matters in the context of spying on Carter Page for two reasons. First, as noted government doesn’t share details about how it spies overseas with the court. And some of the techniques we know NSA to use — such as XKeyscore searches drawing on bulk overseas collection — would seem to present additional privacy concerns on top of the domestic authorities. If the FBI (or more likely, the FISC) is going to try to bracket off any communications that occur during the period Page was associated with the campaign, that would have to be done for overseas surveillance as well, most critically, for Page’s July trip to Russia.

This report shows that 704, like the domestic authorities, also gets modified sometimes, so it may be that FISC did just that — permitted NSA to collect information covering that July meeting, but imposed some minimization procedures to protect the campaign.

But it’s unclear whether the court would have an opportunity to do so for 705b, which derives from Attorney General authorization, not court authorization. I assume that’s why 1881d was not included in this reporting requirement, but it seems adding 705b reporting to Title VII reauthorization this year would be a fairly minor change, but one that might reveal how often the government uses more powerful overseas spying techniques on Americans. It’s unclear to me, for example, whether any modifications or partial approvals the FISC made on a joint 1805/1824 order covering Page would translate into a 705b order, particularly if the modifications in question included additional reporting to the FISC.

Carter Page might one day be the first American to get review of his FISA dossier

All of which is why, no matter what you think of Carter Page’s alleged role in influencing the Trump campaign to favor Russia, I hope he one day gets to review his FISA dossier.

No criminal defendant has ever gotten a review of the FISA materials behind the spying, in spite of clear Congressional intent, when the law was passed in 1978, to allow that in certain cases. Because of the publicity surrounding this case, and the almost unprecedented leaking about FISA orders, Page stands a better chance than anyone else of getting such review (particularly if, as competing stories from CNN and Business Insider claim, the dossier formed a key, potentially uncorroborated part of the case against him). Whatever else happens with this case, I think Page should get that review.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Annual FISC Report Suggests the Court Did Not Approve ANY Section 702 Certificate in 2016

The Administrative Office of the Courts just released the FISC annual report, the first full year report issued after USA Freedom Act.

I’ll work on more analysis in a moment, but wanted to point to something that is fairly remarkable, if I’m reading the report correctly.

Here’s the top line report for the year. Note, in particular, the 1881a line.

As last year’s report did, this year’s redacts the number of certificates the government applied for. But then the footnote reads, in part,

The government submitted this number of certification(s) during calendar year 2016 but the Court did not take action on any such certification(s) within the calendar year.

That, plus the “0”s in the table, seems to state clearly that the FISC did not approve last year’s Section 702 application.

What that likely means, given the precedent set in 2011, is that the government submitted applications (usually they do this with a month of lead time), but the court would not approve the applications as submitted. In 2011, the government got a series of extensions, so 702 never lapsed. The prior approval before last year was November 6, 2015, so it would only have had to have been extended 2 months to get into this year. So that seems to suggest there was at least a three month (application time plus extension) delay in approving the certifications for this year.

Note, too, that the report shows the only amicus appointed last year was Marc Zwillinger for a known PRTT application, so this hold up wasn’t even related to an amicus complaint.

In any case, this may reflect significant issues with 702.

Update: Here’s the 2011 702 opinion, which documents the last known time this happened (though there must have been a roughly month-long delay once since then). After submitting an application in April for May reauthorization, the government got two 60-day extensions, and one more month-long extensions, with final approval on October 3, 2011. It appears there was no big problem with getting the extensions (though at one point, Bates had a meeting with DOJ to tell them he was serious about the reapproval process), so presumably any extension in November would have been granted without much fuss.

One other thing that is worth noting. On September 27, 2016, then Assistant Attorney General John Carlin announced he would be leaving in a month. Mary McCord (who announced her own departure today) took over on October 15. So the transition between the two of them would have happened in the weeks before the certificates would have normally been reauthorized. Whatever Carlin’s reasons for leaving (which has never been made public, as far as I know) the transition between the two of them may have exacerbated any delay.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

I Con the Record’s “Generally” Useful Section 702 Q&A

As the next step in the effort to reauthorize FISA Section 702, I Con the Record has a released a “generally” useful Q&A document on the law. For those who haven’t been following along, it includes links to many (though not all) of the public resources on Section 702. It provides a generally fair overview, with some new almost admissions, which should at least provide Congress with a road map for unanswered questions they should demand answers on.

Downplaying FBI back door searches

My biggest gripe with the report parallels a gripe I’ve had about public testimony on Section 702 since the first confirmations that the NSA, CIA, and FBI can conduct queries on raw data — back door searches. In public hearings, the intelligence community always sends NSA witnesses who can describe, as former NSA lawyer April Doss did in March, a back door search process that is fairly constrained.

I’m most familiar with NSA’s processes: NSA analysts must obtain prior approval to run U.S. person identifier queries in FAA 702 content; there must be a basis to believe the query is reasonably likely to return foreign intelligence information; all queries are logged and reviewed after the fact by NSA; and DoJ and ODNI review every U.S. person query run at NSA and CIA, along with the documented justifications for those queries.

Of course, even though this description is completely true (as far as we know), it is completely useless when it comes to helping Congress understand the problems inherent to back door searches.

Here’s what the Q&A document says about back door searches.

The government’s minimization procedures restrict the ability of analysts to query the databases that hold “raw” Section 702 information (i.e., where information identifying a U.S. person has not yet been minimized for permanent retention) using an identifier, such as a name or telephone number, that is associated with a U.S. person. Generally, queries of raw content are only permitted if they are reasonably designed to identify foreign intelligence information, although the FBI also may conduct such queries to identify evidence of a crime. As part of Section 702’s extensive oversight, DOJ and ODNI review the agencies’ U.S. person queries of content to ensure the query satisfies the legal standard. Any compliance incidents are reported to Congress and the FISC.

12 Queries of Section 702 data using U.S. person identifiers are sometimes mischaracterized in the public discourse as “backdoor searches.”

While it’s true that NSA and CIA minimization procedures impose limits on when an analyst can query raw data for content (but not for metadata at CIA), that’s simply not true at FBI, where the primary rule is that if someone is not cleared for FISA themselves, they ask a buddy to access the information. As a result — and because FBI queries FISA data for any national security assessment and “with some frequency” in the course of criminal investigations. In other words, partly because FBI is a domestic agency and partly because it has broader querying authorities, it conduct a “substantial” number of queries as opposed to the thousands done by CIA. Here’s how PCLOB describes it:

In 2013, the NSA approved 198 U.S. person identifiers to be used as content query terms.

[snip]

In 2013, the CIA conducted approximately 1,900 content queries using U.S. person identifiers. Approximately forty percent of these content queries were at the request of other U.S. intelligence agencies. Some identifiers were queried more than once; the CIA has advised that approximately 1,400 unique identifiers were queried during this period.

[snip]

The CIA does not track how many metadata-only queries using U.S. person identities have been conducted.

[snip]

[T]he FBI’s minimization procedures differ from the NSA and CIA’s procedures insofar as they permit the FBI to conduct reasonably designed queries “to find and extract” both “foreign intelligence information” and “evidence of a crime.”

[snip]

Because they are not identified as such in FBI systems, the FBI does not track the number of queries using U.S. person identifiers. The number of such queries, however, is substantial for two reasons. First, the FBI stores electronic data obtained from traditional FISA electronic surveillance and physical searches, which often target U.S. persons, in the same repositories as the FBI stores Section 702–acquired data, which cannot be acquired through the intentional targeting of U.S. persons. As such, FBI agents and analysts who query data using the identifiers of their U.S. person traditional FISA targets will also simultaneously query Section 702–acquired data. Second, whenever the FBI opens a new national security investigation or assessment, FBI personnel will query previously acquired information from a variety of sources, including Section 702, for information relevant to the investigation or assessment. With some frequency, FBI personnel will also query this data, including Section 702– acquired information, in the course of criminal investigations and assessments that are unrelated to national security efforts.

So it’s simply dishonest to say that, “Generally, queries of raw content are only permitted if they are reasonably designed to identify foreign intelligence information,” because the most common queries involve national security and common criminal purposes as well. “Generally,” the queries don’t require such things, unless you’re focusing primarily at CIA and NSA, where the threat to US person privacy at the least.

Then, one thing this Q&A doesn’t say is that Judge Thomas Hogan required the FBI to tell FISC of any positive hits on searches for entirely criminal purposes. Congress should know that, because it’s an easy data point that the IC should be able to share with Congress.

And while the document generally describes giving notice to defendants,

Section 706 governs the use of Title VII-derived information in litigation; as with Traditional FISA, it requires the government to give notice to aggrieved persons when the government intends to use evidence obtained or derived from Title VII collection in legal proceedings.

It doesn’t hint at how apparently inadequate this notice has been. Those are all details that Congress needs to know.

Hiding a cybersecurity certificate in the cheap seats?

I’m also interested in how the Q&A describes the purpose of 702. Here’s the 5 bullet points describing 702 successes (I’ve changed ODNI’s bullets to numbers for ease of reference):

  1. NSA has used collection authorized under FISA Section 702 to acquire extensive insight into the highest level decision-making of a Middle Eastern government. This reporting from Section 702 collection provided U.S. policymakers with the clearest picture of a regional conflict and, in many cases, directly informed U.S. engagement with the country. Section 702 collection provides NSA with sensitive internal policy discussions of foreign intelligence value.
  2. NSA has used collection authorized under FISA Section 702 to develop a body of knowledge regarding the proliferation of military communications equipment and sanctions evasion activity by a sanctions-restricted country. Additionally, Section 702 collection provided foreign intelligence information that was key to interdicting shipments of prohibited goods by the target country.
  3. Based on FISA Section 702 collection, CIA alerted a foreign partner to the presence within its borders of an al-Qaeda sympathizer. Our foreign partner investigated the individual and subsequently recruited him as a source. Since his recruitment, the individual has continued to work with the foreign partner against al-Qaeda and ISIS affiliates within the country.
  4. CIA has used FISA Section 702 collection to uncover details, including a photograph, that enabled an African partner to arrest two ISIS-affiliated militants who had traveled from Turkey and were connected to planning a specific and immediate threat against U.S. personnel and interests. Data recovered from the arrest enabled CIA to learn additional information about ISIS and uncovered actionable intelligence on an ISIS facilitation network and ISIS attack planning.
  5. NSA FISA Section 702 collection against an email address used by an al-Qaeda courier in Pakistan resulted in the acquisition of a communication sent to that address by an unknown individual located in the United States. The message indicated that the United States-based individual was urgently seeking advice regarding how to make explosives. The NSA passed this information to the FBI. Using a National Security Letter (NSL), the FBI was able to quickly identify the individual as Najibullah Zazi. Further investigation revealed that Zazi and a group of confederates had imminent plans to detonate explosives on subway lines in Manhattan. Zazi and his co-conspirators were arrested and pled guilty or were convicted of their roles in the planned attack. As the Privacy and Civil Liberties Oversight Board (PCLOB) found in its report, “[w]ithout the initial tip-off about Zazi and his plans, which came about by monitoring an overseas foreigner under Section 702, the subway bombing plot might have succeeded.”

The list has two advantages over the lists the IC was releasing in 2013. First, it’s more modest about its claims, not, this time, listing every quasi-thwarted terrorist funding opportunity as a big success. In addition, it describes all three confirmed certificates (from the Snowden documents): counterterrorism (bullets 3 through 5), counterproliferation (2), and foreign government (1, though if this is Iran, it might also be counterproliferation). It also admits that one point of all this spying is to find informants (bullet 3), even if not as explicitly as some court filings and IG reports do. That purpose — and the associated sensitivities (including whether and how it is used by FBI) is one thing all members of Congress should be briefed on.

That said, the description of the foreign government certificate doesn’t come close to describing the kinds of people who might be swept up in it, and as such provides what I believe to be a misleading understanding of who might be targeted under 702.

Note, too, the silence about the use of certificates for counterintelligence purposes, which the government surely does. Again, that would present different threats to Americans’ privacy.

Then there’s the last sentence of the document, in the upstream collection section.

Furthermore, this collection has allowed the IC to acquire unique intelligence that informs cybersecurity efforts.

Oh, huh, what’s that doing there in the last line of the document rather than in the successes section?

From the very first public discussions of 702 after Edward Snowden, ODNI included cybersecurity among the successes, even before it had a certificate. In fact, the document released June 8, 2013, just three days after the first Snowden release, echoed some of the same language:

Communications collected under Section 702 have provided significant and unique intelligence regarding potential cyber threats to the United States including specific potential computer network attacks. This insight has led to successful efforts to mitigate these threats.

This is a problem! Whether or not upstream 702 could be used for cyber purposes has been an undercurrent since the first USA Freedom Act. There are conflicting reports on whether NSA did obtain a cyber certificate in 2012, as they hoped to, or whether that was denied or so limited that it didn’t serve the function the NSA needed. I’ve even been told that CISA is supposed to serve the same purpose.That said, FBI’s minimization procedures (but not, by my read, NSA’s) include some language directed at cybersecurity.

Congress deserves to have a better sense of whether and how the government is using upstream 702 for cybersecurity, because there are unique issues associated with it. It’s clearly a great application of upstream searches, but not one without some risks. So the government should be more clear about this, at least in classified briefings available to all members.

Admitting NSA uses Section 704 not Section 703

Finally, this language is as close as the IC has come to admitting that it uses Section 704, not Section 703, to target Americans overseas.

In contrast to Section 702, which focuses on foreign targets, Section 704 provides additional protection for collection activities directed against U.S. persons located outside of the United States. Section 2.5 of Executive Order 12333 requires the AG to approve the use of “any technique for which a warrant would be required if undertaken for law enforcement purposes” against U.S. persons abroad for intelligence purposes. The AG’s approval must be based on a determination that probable cause exists to believe the U.S. person is a foreign power or an agent of a foreign power. Section 704 builds upon these pre-FAA requirements and provides that, in addition to the AG’s approval, the government must obtain an order from the FISC in situations where the U.S. person target has “a reasonable expectation of privacy and a warrant would be required if the acquisition were conducted inside the United States for law enforcement purposes.” The FISC order must be based upon a finding that there is probable cause to believe that the target is a foreign power, an agent of a foreign power, or an officer or employee of a foreign power and that the target is reasonably believed to be located outside the United States. By requiring the approval of the FISC in addition to the approval of the AG, Section 704 provides an additional layer of civil liberties and privacy protection for U.S. persons located abroad.

In addition to Sections 702 and 704, the FAA added several other provisions to FISA. Section 701 provides definitions for Title VII. Section 703 allows the FISC to authorize an application targeting a U.S. person located outside the U.S. when the collection is conducted inside the United States. Like Section 704, Section 703 requires a finding by the FISC that there is probable cause to believe that the target is a foreign power, an agent of a foreign power, or an officer or employee of a foreign power and is reasonably believed to be located outside the United States.

I’ve written about the distinction here.

Now, in theory, the authority used may not make a difference. Moreover, it’s possible that the NSA simply uses 705b for Americans overseas, meaning they can rely on domestic providers for stored Internet data, while using their more powerful spying for overseas content (in which case Congress should know that too).

But I also think the methods used may have an impact on US persons’ privacy, both the target and others. I’ll try to lay this out in a post in the coming days.

All of which is to say, this document is useful. But there are a few areas — particularly with FBI back door searches, which is the most important area — where the document gets noticeably silent.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Author of USA Freedom Act Says “Nobody’s Got to Use the Internet”

As a number of outlets have reported, at a town hall last week, Wisconsin’s Jim Sensenbrenner told a constituent, asking about her congressman’s vote to overturn Obama’s broadband privacy rules, said, “Nobody’s got to use the Internet.”

“Facebook is not comparable to an ISP. I do not have to go on Facebook,” the town hall meeting attendee said. But when it comes to Internet service providers, the person said, “I have one choice. I don’t have to go on Google. My ISP provider is different than those providers.”

That’s when Sensenbrenner said, “Nobody’s got to use the Internet.” He praised ISPs for “invest[ing] an awful lot of money in having almost universal service now.” He then said, “I don’t think it’s my job to tell you that you cannot get advertising for your information being sold. My job, I think, is to tell you that you have the opportunity to do it, and then you take it upon yourself to make the choice.”

It’s of course an absurd comment. It is difficult to get a job in this day and age without Internet access; it’s hard to find a place to live. It’s not a matter of convenience, at this point it is necessary to be on the Internet to be a fully integrated citizen.

But note why Sensenbrenner said this: he pitched it in terms of the beneficent ISP providers who have kindly provided us all gateways to the Internet.

What no report I’ve seen has noted is that Sensenbrenner also happens to be the author of the USA Freedom Act as passed. In spite of his key role in defeating prior efforts to shut down the PATRIOT Act dragnets, Sensenbrenner managed to pose as a privacy advocate (making horseshit claims about knowing about the dragnet) so as to push through a bill that took the heat off telecoms, all while making more innocent Americans’ data available to NSA’s analytical maw.

Here, he reveals his true colors, a completely unrealistic view of the importance of the Internet on actual human beings.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Why Susan Rice May Be a Shiny Object

A bunch of Republican propagandists are outraged that the press isn’t showing more interest in PizzaGate Mike Cernovich’s “scoop” that the woman in charge of ensuring our national security under President Obama, then National Security Advisor Susan Rice, sought to fully understand the national security intercepts she was being shown.

There are two bases for their poutrage, which might have merit — but coming from such hacks, may not.

The first is the suggestion, based off Devin Nunes’ claim (and refuted by Adam Schiff) that Rice unmasked things she shouldn’t have. Thus far, the (probably illegally) leaked details — such as that family members, perhaps like Jared Kushner (who met with an FSB officer turned head of a sanctioned Russian bank used as cover for other spying operations), Sean Hannity (who met with an already-targeted Julian Assange at a time he was suspected of coordinating with Russians), and Erik Prince (who has literally built armies for foreign powers) got spied on — do nothing but undermine Nunes’ claims. All the claimed outrageous unmaskings actually seem quite justifiable, given the accepted purpose for FISA intercepts.

The other suggestion — and thus far, it is a suggestion, probably because (as I’ll show) it’s thus far logically devoid of evidence — is that because Rice asked to have the names of people unmasked, she must be the person who leaked the contents of the intercepts of Sergey Kislyak discussing sanctions with Mike Flynn. (Somehow, the propagandists always throw Ben Rhodes’ name in, though it’s not clear on what basis.)

Let me start by saying this. Let’s assume those intercepts remained classified when they were leaked. That’s almost certain, but Obama certainly did have the authority to declassify them, just as either George Bush or Dick Cheney allegedly used that authority to declassify Valerie Plame’s ID (as some of these same propagandists applauded back in the day). But assuming the intercepts did remain classified, I agree that it is a problem that they were leaked by nine different sources to the WaPo.

But just because Rice asked to unmask the identities of various Trump (and right wing media) figures doesn’t mean she and Ben Rhodes are the nine sources for the WaPo.

That’s because the information on Flynn may have existed in a number of other places.

Obviously, Rice could not have been the first person to read the Flynn-Kislyak intercepts. That’s because some analyst(s) would have had to read them and put them into a finished report (most, but not all, of Nunes’ blathering comments about these reports suggest they were finished intelligence). Assuming those analysts were at NSA (which is not at all certain) someone would have had to have approved the unmasking of Flynn’s name before Rice saw it.

In addition, it is possible — likely even, at least by January 2017, when we know people were asking why Russia didn’t respond more strongly to Obama’s hacking sanctions — that there were two other sets of people who had access to the raw intelligence on Flynn’s conversations with Kislyak: the CIA and, especially, the FBI, which would have been involved in any FISA-related collection. Both CIA and FBI can get raw data on topics they’re working on. Likely, in this case, the multi-agency task force was getting raw collection related to their Russian investigation.

And as I’ve explained, as soon as FBI developed a suspicion that either Kislyak was at the center of discussions on sanctions or that Flynn was an unregistered agent of multiple foreign powers, the Special Agents doing that investigation would routinely pull up everything in their databases on those people by name, which would result in raw Title I and 702 FISA collection (post January 3, it probably began to include raw EO 12333 data as well).

So already you’re up to about 15 to 20 people who would have access to the raw intercepts, and that’s before they brief their bosses, Congress (though the Devin Nunes and Adam Schiff briefing, at least, was delayed a bit), and DOJ, all the way up to Sally Yates, who wanted to warn the White House. Jim Comey has suggested it is likely that the nine sources behind the WaPo story were among these people briefed secondarily on the intercepts. And it’s worth noting that David Ignatius, who first broke the story of Flynn’s chats with Kislyak but was not credited on the nine source story, has known source relationships in other parts of the government than the National Security Advisor, though he also has ties to Rice.

All of which is to say that the question of who leaked the contents of Mike Flynn’s conversations with Sergey Kislyak is a very different question from whether Susan Rice’s requests to unmask Trump associates’ names were proper or not. It is possible that Rice leaked the intercepts without declassifying them first. But it’s also possible that any of tens of other people did, most of whom would have a completely independent channel for that information.

And the big vulnerability is not — no matter what Eli Lake wants to pretend — the unmasking of individual names by the National Security Advisor. Rather, it’s that groups of investigators can access the same intelligence in raw form without a warrant tied to the American person in question.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Devin Nunes’ So-Called Bibi Netanyahu Precedent

Throughout his ongoing information operation to claim the Obama White House spied on the Trump transition team, Devin Nunes has pointed to what he claimed was a precedent: when, in December 2015, members of Congress suddenly copped on that their conversations with Bibi Netanyahu would get picked up incidentally. In his March 22 press conference, he explained,

We went through this about a year and a half ago as it related to members of Congress, if you may remember there was a report I think it was in the Wall Street Journal and but then we had to have we had a whole series of hearings and then we had to have changes made to how Congress is informed if members of Congress are picked up in surveillance and this looks it’s like very similar to that.

Eli Lake dutifully repeated it in the second of his three-post series pitching Nunes’ information operation.

A precedent to what may have happened with the Trump transition involved the monitoring of Israel’s prime minister and other senior Israeli officials. The Wall Street Journal reported at the end of 2015 that members of Congress and American Jewish groups were caught up in this surveillance and that the reports were sent to the White House. This occurred during a bitter political fight over the Iran nuclear deal. In essence the Obama White House was learning about the strategy of its domestic political opposition through legal wiretaps of a foreign head of state and his aides.

But Lake didn’t apparently think through what the implications of Nunes’ analogy — or the differences between the two cases.

Here’s the WSJ report and CBS and WaPo versions that aren’t paywalled. All make it very clear that Devin Nunes took the lead in worrying about his conversations with Bibi Netanyahu being sucked up (I don’t remember Republicans being as sympathetic when Jane Harman got sucked up in a conversation with AIPAC). They also describe that Obama’s WH, faced with the potential that their surveillance would be seen as spying on another branch of Congress, had the NSA take charge of the unmasking.

The administration believed that Israel had leaked information gleaned from spying on the negotiations to sympathetic lawmakers and Jewish American groups seeking to undermine the talks.

According to the Journal, when the White House learned that the NSA eavesdropping had collected communications with U.S. lawmakers, it feared being accused of spying on Congress and left it to the NSA to determine what information to share with the administration. The Journal said the NSA did not pass along the names of lawmakers or any of their personal attacks on White House officials.

That’s not to say they’d take the same approach here — indeed, Lake now claims, at  least, that Susan Rice requested some Trump officials’ names to be unmasked, distinguishing it from the Bibi case in that White House did not leave it up to NSA to decide what to unmask (though the underlying reporting makes the silly claim that Rice, Loretta Lynch, and John Brennan were among a very limited number of people who could request a name be unmasked).

The larger point is, even assuming the collection of conversations between your political opponents and a foreign government designed to undermine your executive branch authority was scandalous, it’d still fall under the very legitimate concern of separation of powers.

Yes, Trump’s aides are from a different party. But they are nevertheless part of the executive branch. And the entire basis of counterintelligence spying — the entire point of FISA — is to ensure that executive branch officials are not targeted by foreign countries to be spies, which is part of the reason Mike Flynn attracted attention (which is not to justify the leaking of that intercept). Add in the legitimate necessity to implement executive branch policy and this is a very different case than the Bibi case, even if you want to defend (as I do, to a point) Republican members of Congress collaborating with foreign governments to undermine Article II authorities.

Nunes’ imagined solution — from his March 22 White House press conference — is ever nuttier.

Q: You’ve said legal and incidental. That doesn’t sound like a proactive effort to spy.

Nunes: I would refer you to, we had a similar issue with members of Congress that were being picked up in incidental collection a little over a year ago, we had to spend a full year working with the DNI on the proper notification for members of Congress to be notified which comes through the Gang of Eight. I would refer you to that because it looks very similar to that, would be the best way I can describe it.

The ODNI current informs the Gang of Eight when members of Congress get spied on (which means claims that a lot of GOP candidates got spied on is likely hot air, but which also means that if Nunes were collected as a member of the transition team, he’d have been the first to learn of it). Which is an important protection for separation of powers, but which also enables corrupt members of Congress to not just learn they’re being surveilled but, potentially, to alert the foreign targets what channels we’re using.

Maybe Trump wants that standard applied to the executive branch, but if he adopts it, we’re going to have a leaking free for all. Not to mention, it would make it absolutely impossible for the government to protect against espionage related to elections.

Or perhaps Nunes is just saying something more simple. Perhaps Nunes is saying the “dozens” of intercepts where Trump officials had been unmasked (to the extent that’s true) disclosed Trump’s transition-period attempts to drum up a war with Iran at the behest of Israel. Perhaps the real stink here is that, in the very same days Mike Flynn was telling Russia sanctions would be loosened, Trump was publicly undermining US efforts to take a stand against Israeli illegal settlements.

Perhaps, ultimately, this is still about a belief that the Israelis should never be wiretapped.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Who Violated Their Designated Role: Ezra Cohen-Watnick or Susan Rice?

In the original version of the latest right wing claim — that Susan Rice requested that multiple incoming Trump figures’ names be unmasked in intercepts — Mike Cernovich describes the genesis of Devin Nunes’ concern this way:

The White House Counsel’s office identified Rice as the person responsible for the unmasking after examining Rice’s document log requests. The reports Rice requested to see are kept under tightly-controlled conditions. Each person must log her name before being granted access to them.

Upon learning of Rice’s actions, H. R. McMaster dispatched his close aide Derek Harvey to Capitol Hill to brief Chairman Nunes.

But as Eli Lake — fresh off having apologized for letting Devin Nunes use him — tells the story, close Mike Flynn associate Ezra Cohen-Watnick discovered it and brought the discovery to the White House Counsel’s office, whereupon he was told to “end his own research” on unmasking.

The pattern of Rice’s requests was discovered in a National Security Council review of the government’s policy on “unmasking” the identities of individuals in the U.S. who are not targets of electronic eavesdropping, but whose communications are collected incidentally. Normally those names are redacted from summaries of monitored conversations and appear in reports as something like “U.S. Person One.”

The National Security Council’s senior director for intelligence, Ezra Cohen-Watnick, was conducting the review, according to two U.S. officials who spoke with Bloomberg View on the condition of anonymity because they were not authorized to discuss it publicly. In February Cohen-Watnick discovered Rice’s multiple requests to unmask U.S. persons in intelligence reports that related to Trump transition activities. He brought this to the attention of the White House General Counsel’s office, who reviewed more of Rice’s requests and instructed him to end his own research into the unmasking policy.

This repeats a claim Lake had made in his earlier apology post, which he presented as one detail in the NYT version of this story that was not accurate.

Another U.S. official familiar with the affair told me that one of the sources named in the article, former Defense Intelligence officer Ezra Cohen-Watnick, did not play a role in getting information to Nunes. This official said Cohen-Watnick had come upon the reports while working on a review of recent Justice Department rules that made it easier for intelligence officials to share the identities of U.S. persons swept up in surveillance. He turned them over to White House lawyers.

But it adds the detail that Cohen-Watnick had been told to stand down. That would explain why Lake and others would want to claim that Cohen-Watnick wasn’t involved in dealing all this to Nunes: because he had already been told not to pursue it further. If the multiple accounts saying he was involved in the hand-off to Nunes, it appears he did.

The WaPo’s version of this included a detail not included by the right wingers: that Cohen-Watnick went to John Eisenberg, not Don McGahn, with his “discovery.” Eisenberg is significantly responsible, dating back to when he was at DOJ, for ensuring that ordinary Americans would be sucked up in surveillance under PRISM. For him to be concerned about the legal unmasking of Americans’ identities (to the extent that did exist — and the record is still unclear whether it did) is laughable.

The timing of Cohen-Watnick’s research — dating back to February — intersects in interesting ways with the timeline in this March 14 Politico story of H.R. McMaster’s attempt to sideline him, which was overruled by Steven Bannon.

On Friday [March 10], McMaster told the National Security Council’s senior director for intelligence programs, Ezra Cohen-Watnick, that he would be moved to another position in the organization.

The conversation followed weeks of pressure from career officials at the CIA who had expressed reservations about the 30-year-old intelligence operative and pushed for his ouster.

But Cohen-Watnick appealed McMaster’s decision to two influential allies with whom he had forged a relationship while working on Trump’s transition team — White House advisers Steve Bannon and Jared Kushner. They brought the matter to Trump on Sunday [March 12], and the president agreed that Cohen-Watnick should remain as the NSC’s intelligence director, according to two people with knowledge of the episode.

The House Intelligence Committee first asked NSA, CIA, and FBI for details on unmasking on March 15, the day after this story broke, at which point Nunes already knew of the White House effort. When Nunes first blew this up on March 22, he falsely claimed that that March 15 request had been submitted two weeks earlier.

It’s clear the right wing wants to shift this into Benghazi 2.0, attacking Susan Rice for activities that are, at least on the face of it, part of her job. But the only way the White House could be sure that she (or Ben Rhodes, who they’re also naming) were the ones to leak this would be to investigate not just those two, but also all the FBI (which would have access to this information without unmasking these names, which not a single one of these right wing scribes admit or even seem to understand). That is, the only way they could make credible, as opposed to regurgitated right wing propaganda accusations about leakers is to have spied even more inappropriately than they are accusing the Obama White House of doing.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Raw Versus Cooked: Could NSC Monitor FBI’s Investigation?

Multiple people,including Bart Gellman and Josh Marshall, are now arguing that the reason Ezra Cohen-Watnick and Michael Ellis found intercepts involving Trump’s people is that they were monitoring FBI’s investigation of the investigation.

I certainly think the Trump people would like to do that — and would be willing to stoop to that. I even believe that the response to the Russian hack last year had some counterintelligence problems, though probably not on the FBI side.

But there are some details that may limit how much the NSC can monitor the investigation.

First, Devin Nunes has always been very clear: the intercepts he was shown have nothing to do with Russia. That’s not, itself, determinative. After all, Cohen-Watnick and Ellis might have found a bunch of Russian intercepts, but only shared the non-Russian ones so Nunes could make a stink without being accused of endangering the investigation. Also, it’s possible that intercepts involving other countries — most notably Turkey, but there are other countries that might be even more interesting, including Ukraine or Syria — would impact any Russian investigation.

Also note that among the many things Nunes appears not to understand about surveillance is that there are two ways an American’s name can be visible outside the circle of analysts doing the initial review of them: their names can be put into finished intelligence reports that get circulated more broadly, with customers asking to have the name unmasked after the fact. Alternately, their names can be found off of subsequent searches of raw data. At the NSA and CIA, searches for US person content are somewhat controlled. At FBI they are not only not controlled, but they are routine even for criminal investigations. So if, say, General Flynn (or Paul Manafort) were under investigation for failing to register as a foreign agent, the FBI would routinely search their database of raw FISA material on his name. (These are the “back door searches” Ron Wyden has been screaming about for years, concerns which people like Devin Nunes have previously dismissed on national security grounds.) And we have every reason to believe that counterintelligence intercepts of Russians in the US are among the raw feeds that the FBI gets. So if Flynn had conversations with Russians (or Turks) in the US, we should assume that FBI saw them as a routine matter if Flynn became the subject of an investigation at all. We should also assume that the FBI did a search on every Sergey Kislyak intercept in their possession, so they will have read everything that got picked up, including all recorded calls with Trump aides.

On March 15, the House Intelligence Committee asked the NSA, CIA, and FBI for information on unmasking. I don’t believe that request asked about access to US person names on subsequent searches or raw material. Furthermore, at least as of last week, the FBI was not rushing to comply with that request. As I noted after the Jim Comey hearing before HPSCI, none of the Republicans concerned about these issues seemed to have any basic clue about FBI’s searches on raw data. If Nunes doesn’t know (and he appears not to), it’s unlikely Ellis knows, who was until this month Nunes’ aide.

But there’s one other thing that may prevent NSC from obtaining information about the investigation: FBI sometimes uses what are called “ad hoc databases” that include raw FISA data (and probably, post EO 12333 sharing rule changes, raw EO 12333 data) tied to particular investigations. It’s unclear what conditions might necessitate the use of an ad hoc database (see page 25ff for a discussion of them), but if security concerns would encourage their use, it would be likely to have one here, an investigation which Comey described as being so sensitive he delayed briefing the Gang of Four. Ad hoc databases are restricted to those working on investigations, and include specific records of those authorized to access the database. So if FBI were using an ad hoc database for this investigation, it would be even harder for the NSC to learn what they were looking at.

If the FBI’s investigation relies on raw intelligence — and it would be unfathomable that it does not, because it would probably receive the raw FISA data tied to such an investigation routinely, and EO 12333 sharing rules specifically envision the sharing of raw data associated with counterintelligence investigations — then the NSC’s access to finished intelligence reports would provide little insight into the investigation (Nunes was a bit unclear on whether that’s what he was looking at, but the entire premise of his complaints is that these were finished reports).

But while we’re worrying about whether and how Trump would monitor an investigation into his aides, remember that in 2002, Jay Bybee wrote a memo authorizing the sharing of grand jury information with the President and his close advisors including for counterintelligence investigations.

In addition, the Patriot Act recently amended 6(e) and Title III specifically to provide that matters involving foreign intelligence or counterintelligence or foreign intelligence information may be disclosed by any attorney for the government (and in the case of Title III, also by an investigative or law enforcement officer) to certain federal officials in order to assist those officials in carrying out their duties. Federal officials who are included within these provisions may include, for example, the President, attorneys within the White House Counsel’s Office, the President’s Chief of Staff, the National Security Advisor, and officials within the Central Intelligence Agency and the Department of Defense.

[snip]

Although the new provision in Rule 6(e) permitting disclosure also requires that any disclosures be reported to the district court responsible for supervising the grand jury, we conclude that disclosures made to the President fall outside the scope of the reporting requirement contained in that amendment, as do related subsequent disclosures made to other officials on the President’s behalf.

In other words, Trump could demand that he — or his National Security Advisor! — get information on any grand jury investigations, including those covering counterintelligence cases. And no judge would be given notice of that.

With Jeff Sessions’ recusal, that’s far less likely to happen than it might have been. But understand that the Executive Branch believes that the President can learn about the happenings in grand jury investigations of the sort that might target his aides.

Update: additional details have been added to this post after it was first posted.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Devin Nunes May Be a Buffoon and a Hack, But I Don’t Think He’s a Criminal

I believe that Devin Nunes is a buffoon and a political hack. I believe he needs to be removed from his position as Chair of the House Intelligence Committee — not just because he has been running interference for Trump, betraying his Article I duties, but also because he doesn’t understand the programs he oversees.

But I don’t believe he’s a criminal.

I say that in disagreement with Bart Gellman, who made just such an argument regarding the revelations in this NYT story here. Gellman argued, in part, that Nunes’ sources (about which I hope to say more later) violated nondisclosure laws by sharing reports outside of normal channels with Nunes.

Secrecy regulations, including SF312, the Classified Information Nondisclosure Agreement, do not permit [Michael] Ellis and [Ezra] Cohen-Watnick to distribute sensitive compartmented information through a back channel to Nunes. This is true, and their conduct no less an offense, even though Nunes holds clearances sufficient to receive the information through proper channels. The offense, which in some cases can be prosecuted as a felony, would apply even if the White House officials showed Nunes only “tearsheet” summaries of the surveillance reports. Based on what Nunes has said in public, they appear to have showed him the more sensitive verbatim transcripts. Those are always classified as TS/SI (special intelligence) or TS/COMINT (communications intelligence), which means that they could reveal sources and methods if disclosed. That is the first apparent breach of secrecy rules. The second, of course, is the impromptu Nunes news conference. There is no unclassified way to speak in public about the identity of a target or an “incidentally collected” communicant in a surveillance operation.

To be clear, I think Ellis and Cohen-Watnick may have violated access rules on searches. But I don’t think Nunes violated any laws in accessing that intelligence (I think he probably violated the intent of classification rules on intercepts, but by providing no details about who he saw referenced in these reports, he’ll get away with it.)

That’s because minimization procedures pertaining to FISA materials specifically envision access to information — sometimes even raw data — for oversight purposes. The 2015 702 Minimization Procedures for NSA, for example, state,

Nothing in these procedures shall restrict NSA’s performance of lawful oversight of its personnel or systems, or lawful oversight function of the Department of Justice’s National Security Division, Office of the Director of National Intelligence, or the applicable Offices of the Inspectors General. Similarly, nothing in these procedures shall prohibit the retention, processing, or dissemination of information reasonably necessary to comply with specific constitutional, judicial,or legislative mandates.

At times, minimization procedures have been even more explicit. Starting in 2014, for example, the Section 215 phone dragnet minimization procedures explicitly permitted the sharing of query results “to facilitate lawful oversight functions.”

Notwithstanding the above requirements, NSA may share results from intelligence analysis queries of the BR metadata, including U.S. person identifying information, with Executive Branch personnel (1) in order to enable them to determine whether the information contains exculpatory or impeachment information or is otherwise discoverable in legal proceedings or (2) to facilitate their lawful oversight functions. Notwithstanding the above requirements, NSA may share the results from intelligence analysis queries of the BR metadata, including United States person information, with Legislative Branch personnel to facilitate lawful oversight functions.

The FISC even excluded such sharing from reporting requirements, so Congress could be doing a lot of this and it would never show up in annual reporting.

In other words, at least for FISA-governed data, the court has permitted the sharing of information — and remember, these are supposed to be finished intelligence reports, not raw data or queries — for people in an oversight role. The 702 procedures leave a lot of room for interpretation, too, about what might be a “constitutional” mandate, the kind of language that White Houses of both parties have been prone to abuse.

If these reports were collected under 12333, the new sharing rules explicitly prohibit the sharing of intelligence for political purposes.

Any IC element that obtains access to raw SIGINT under these Procedures will:

[snip]

Political process in the United States. Not engage in any intelligence activity authorized by these Procedures, including disseminations to the White House, for the purpose of affecting the political process in the United States. The IC element will comply with the guidance applicable to NSA regarding the application of this prohibition. Questions about whether a particular activity falls within this prohibition will be resolved in consultation with the element’s legal counsel and the General Counsel of the Office of the Director of National Intelligence (ODNI) (and the DoD’s Office of the General Counsel in the case of a DoD IC element).

Even if this covered what happened, NSC lawyer John Eisenberg was in the loop on this caper, so they effectively did consult with the element’s legal counsel. Moreover, we know that Presidents can pixie dust executive orders at will.

Nunes, at least, pretends he was functioning in an oversight role in raising questions about whether SIGINT had been properly minimized. He appears to have no clue about the authorities he’s talking about, he appears to have misrepresented what the problem is, and he clearly was doing all this with an eye towards making political accusations against Obama.

But nevertheless, he claims to believe he was functioning in an oversight role.

Which is part of the problem! I’ve long pointed to how unrestricted this language is. It invites abuse. It should be tightened going forward (though neither the Trump Administration nor Congress has incentive to do that at this point).

If you’re bothered by Devin Nunes’ information operation — and I am — then you should be calling to tighten up the language governing how intelligence can be shared for oversight and other “constitutional” purposes. Because they appear to envision something like this happening.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Did Devin Nunes Just Reveal NSC Is Monitoring Agency Response to Congress?

Multiple outlets this morning are covering Devin Nunes’ admission that he was on “White House grounds” last Tuesday, leading up to his Wednesday announcement that Trump officials’ identities may (or may not have) been unmasked in intelligence reports unrelated to Russia.

One source told CNN that Nunes, a California Republican, was seen on the White House grounds the day before his announcement. In a phone interview, Nunes confirmed to CNN that he was on the White House grounds that day — but he said he was not in the White House itself. (Other buildings, including the Eisenhower Executive Office Building, are on the same grounds.)

No one in the White House was aware that he was there, Nunes said.

The California Republican said he was there for additional meetings “to confirm what I already knew” but said he wouldn’t comment further so as to not “compromise sources and methods.”

He told CNN he wanted to “reiterate this has nothing to do with Russia.”

Nunes went to the building because he needed a secure area to view the information, he told CNN. A government official said Nunes was seen Tuesday night at the National Security Council offices of the Eisenhower building which, other than the White House Situation Room, is the main area on the complex to view classified information in a secure room.

Nunes explained to Eli Lake he couldn’t use HPSCI’s own SCIF, just two miles away, because it didn’t have networked access to the reports that he was being shown.

In an interview Monday, Nunes told me that he ended up meeting his source on the White House grounds because it was the most convenient secure location with a computer connected to the system that included the reports, which are only distributed within the executive branch. “We don’t have networked access to these kinds of reports in Congress,” Nunes said. He added that his source was not a White House staffer and was an intelligence official.

Laura Rozen notes that Nunes’ former aide, Michael Ellis, now works as NSC Deputy Legal Adviser.

New special assistant to the president, NSC deputy legal adviser Michael Ellis served as Nunes’ aide, HPSCI gen. counsel til early March 3/

Whether or not Ellis is Nunes’ source, it seems clear that someone in the EEOB first told, then shared, intercepts with Nunes.

That raises questions about how said source obtained the intercepts. That’s true particularly given that by Nunes’ later admission that some of the names weren’t unmasked per se, but rather described in such a way that would make the US person (that is, the Trump associate) clear, so it’s not like the NSC could just search on all of Trump’s top aides to find out if their names had been unmasked.

Remember, too, that this takes place against the background of HPSCI’s requests to NSA, CIA, and FBI for details on all the US persons who had been unmasked between June 2016 and January 2017. NSA had provided a partial response (basically deferring an answer until they could do more research) before last week’s hearing and Nunes’ press conference. But it’s not clear whether FBI intended to reply — it would have several possible reasons for refusing to do so, both to protect an ongoing investigation but also because unmasking is not the question to ask FBI, database searches are (it’s not clear how many of HPSCI’s Republicans understand this, which is pathetic).

In any case, NSA and CIA (at least) are already in the process of responding to this request. But someone worked his or her own angles to respond to the same request for Nunes.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.