As I noted, the DC Circuit Court reversed Judge Richard Leon’s injunction against the phone dragnet. The judges disagreed on whether Larry Klayman had standing — because he is a Verizon Wireless but not Verizon landline subscriber, which had been the only thing confirmed by the government. All agreed he had not shown he had the high certainty of standing required to uphold an injunction against the program. But the per curium opinion did agree that the case has not been mooted, because by immediately restarting the bulk program after the passage of USA F-ReDux, the government showed that the harm could recur.
That’s important, because information proving that Klayman does have standing has recently been released in an official (albeit probably inadvertent) release.
Part of the IG Reports on the phone dragnet Charlie Savage obtained by suing shows that — at least in 2010 — the Primary Order for the phone dragnet went to AT&T, Sprint, Verizon’s subsidiaries (the former MCI part of Verizon’s business, which I believe is its backbone), and “Cellco Partnership d/b/a Verizon Wireless.”
I’ll say more about what I think this really means in a later post — and why I think the suit against bulk surveillance needs to be, and can be, tweaked somewhat to ensure standing.
But for the moment, know that for at least one 90 day period in 2010, Verizon Wireless as well as Verizon’s landline was ordered to turn over phone records.
In a per curium decision, a DC Circuit panel including Janice Rogers Brown, Stephen Williams, and David Sentelle has reversed Judge Richard Leon’s decision preliminary injunction against the phone dragnet. They reversed on standing (which I’ll return to) but found the issue remains ripe.
This will be my working thread.
The panel pointed to the immediate resumption of the dragnet after USA F-ReDux to argue that the alleged violation could recur.
Cessation of a challenged practice moots a case only if “there is no reasonable expectation . . . that the alleged violation will recur.” Larsen v. U.S. Navy, 525 F.3d 1, 4 (D.C. Cir. 2008) (quotations and citations omitted). Here, any lapse in bulk collection was temporary. Immediately after Congress acted on June 2 the FBI moved the FISC to recommence bulk collection, United States’ Mem. of Law, In re Application of the FBI, No. BR 15-75 (FISC, filed Jun. 2, 2015), and the FISC confirmed that it views the new legislation as effectively reinstating Section 215 for 180 days, and as authorizing it to resume issuing bulk collection orders during that period.
Brown reversed because Klayman had shown it likely his records were collected, but had not reached the bar for a preliminary injunction.
However, plaintiffs are Verizon Wireless subscribers and not Verizon Business Network Services subscribers. Thus, the facts marshaled by plaintiffs do not fully establish that their own metadata was ever collected.
Contrary to the assertions of my colleagues, these facts bolster plaintiffs’ position: where the Clapper plaintiffs relied on speculation and conjecture to press their claim, here, plaintiffs offer an inference derived from known facts.
However, the burden on plaintiffs seeking a preliminary injunction is high. Plaintiffs must establish a “substantial likelihood of success on the merits.” Sottera, Inc., 627 F.3d at 893. Although one could reasonably infer from the evidence presented the government collected plaintiffs’ own metadata, one could also conclude the opposite. Having barely fulfilled the requirements for standing at this threshold stage, Plaintiffs fall short of meeting the higher burden of proof required for a preliminary injunction. [citation omitted]
Williams reversed because he doesn’t think Klayman has standing. He points to Amnesty v Clapper to suggest he has only speculative standing.
Plaintiffs’ contention that the government is collecting data from Verizon Wireless (a contention that the government neither confirms nor denies, Gov’t’s Br. at 38-39), depends entirely on an inference from the existence of the bulk collection program itself. Such a program would be ineffective, they say, unless the government were collecting metadata from every large carrier such as Verizon Wireless; ergo it must be collecting such data. Appellee’s Br. 27-28. This inference was also the district judge’s sole basis for finding standing. Klayman v. Obama, 957 F. Supp. 2d 1, 27 & n.36 (2013).
Yet the government has consistently maintained that its collection “never encompassed all, or even virtually all, call records and does not do so today.”
Here, the plaintiffs’ case for standing is similar to that rejected in Clapper. They offer nothing parallel to the Clapper plaintiffs’ evidence that the government had previously targeted them or someone they were communicating with (No. 3 above). And their assertion that NSA’s collection must be comprehensive in order for the program to be most effective is no stronger than the Clapper plaintiffs’ assertions regarding the government’s motive and capacity to target their communications (Nos. 2 & 4 above).
Accordingly, I find that plaintiffs have failed to demonstrate a “substantial likelihood” that the government is collecting from Verizon Wireless or that they are otherwise suffering any cognizable injury. They thus cannot meet their burden to show a “likelihood of success on the merits” and are not entitled to a preliminary injunction.
Sentelle would boot the case entirely because Klayman doesn’t have standing.
Like Judge Williams, I believe that the failure to establish the likelihood of success depends at least in the first instance on plaintiffs’ inability to establish the jurisdiction of the court. I also agree with Judge Williams that plaintiffs have not established the jurisdiction of the court. That being the case, I would not remand the case for further proceedings, but would direct its dismissal.
Plaintiffs have not demonstrated that they suffer injury from the government’s collection of records. They have certainly not shown an “injury in fact” that is “actual or imminent, not conjectural or hypothetical.” Friends of the Earth, Inc., 528 U.S. at 180. I agree with the conclusion of my colleagues that plaintiffs have not shown themselves entitled to the preliminary injunction granted by the district court. However, we should not make that our judicial pronouncement, since we do not have jurisdiction to make any determination in the cause. I therefore would vacate the preliminary injunction as having been granted without jurisdiction by the district court, and I would remand the case, not for further proceedings, but for dismissal.
Two weeks after floating a story to the NYT the Obama asked for some creative ways to retaliate against China for the OPM hack, the NYT reported (in both English and a prominently linked Chinese translation) that “in recent weeks” the US told agents trying to chase down Chinese nationals accused of corruption to get out.
The Obama administration has delivered a warning to Beijing about the presence of Chinese government agents operating secretly in the United States to pressure prominent expatriates — some wanted in China on charges of corruption — to return home immediately, according to American officials.
The American officials said that Chinese law enforcement agents covertly in this country are part of Beijing’s global campaign to hunt down and repatriate Chinese fugitives and, in some cases, recover allegedly ill-gotten gains.
The Chinese government has officially named the effort Operation Fox Hunt.
The American warning, which was delivered to Chinese officials in recent weeks and demanded a halt to the activities, reflects escalating anger in Washington about intimidation tactics used by the agents. And it comes at a time of growing tension between Washington and Beijing on a number of issues: from the computer theft of millions of government personnel files that American officials suspect was directed by China, to China’s crackdown on civil liberties, to the devaluation of its currency.
Operation Fox Hunt is not new — or secret. It has been covered before by the US press, including updates on how many people official Chinese sources claim they have gotten to return for prosecution. The NYT follow-up admits — though the original didn’t provide the same level of detail — that DHS agreed in April to prosecute Chinese economic fugitives (which would extend the US habit of asserting jurisdiction where none exists) if provided real evidence of corruption.
But in April, the Department of Homeland Security worked out a new arrangement with China’s Ministry of Public Security, which oversees Operation Fox Hunt, to assist Beijing’s efforts to prosecute economic fugitives according to United States law. American officials, however, say China has so far failed to provide the necessary evidence.
Both NYT articles mention what the WSJ reports in more depth, including details of how these operatives are working: Among the economic fugitives in the US China is aggressively pursuing is Ling Wangcheng, the brother of a former top Hu Jintao aide
Mr. Ling’s brother was a top aide to China’s previous president, Hu Jintao, but was placed under investigation by the Communist Party in December and formally accused in July of bribe-taking, adultery and illegally obtaining state secrets.
For much of 2014, Mr. Ling was living under an alias in a mansion in a gated community in Loomis, Calif., near Sacramento, with Mr. Yuan’s ex-wife, neighbors said. The couple hasn’t been seen there since around October.
Mr. Ling is now the focus of political intrigue that could overshadow a visit to the U.S. in September by China’s leader, Xi Jinping.
Diplomats and analysts said Mr. Ling might have had access through this brother to sensitive information about Chinese leaders. If he sought political asylum, Mr. Ling would be the most significant Chinese defector in decades.
It isn’t clear why Mr. Ling, 55 years old, moved to the U.S. in 2013 or 2014. He lost touch with many friends in China around last fall, a family acquaintance said, but later reassured friends he was safe in the U.S.
The implication from this — and other recent reporting on Ling — is that he did get asylum in October, and has been cooperating with US authorities.
All that is probably only tangentially related to the US leak of its earlier decision — taken precisely as the US tries to find a way to retaliate for the OPM hack — to start cracking down on this Chinese effort.
There are two things I haven’t seen mentioned in coverage of this. First, remember that the US has engaged in a similar effort, using an offer of amnesty for rich tax cheats who had stashed their money in Swiss banks (though there have been what I believe to be similar efforts on the part of the US to expose tax cheats that have mostly focused on non-US citizens).
And don’t forget the lengths to which the US went to get someone who had top secrets to come back to the US, including when it had Austria ground Evo Morales’ plane so it could search for Edward Snowden.
In any case, I suspect the US used Operation Fox Hunt as an opportunity to let China know it knew of these admitted agents. Sort of a way for the US to tell China we know where its operatives in the US are, just as it knows where our operatives are in China, thanks to the OPM hack.
For its part, China’s Xinhua paper has scolded the US for harboring crooks (and provided slightly different details of the agreement pertaining to Fox Hunt).
Corruption is not only a serious problem in China, but also in the rest of the world. And in a world which is more and more connected, countries should take coordinated efforts in fighting corruption.
Although there is no extradition agreement between the United States and China, the two countries actually have already agreed on anti-corruption cooperation.
In April 2015, U.S. Homeland Security Secretary Jeh Johnson met Chinese Public Security Minister Guo Shengkun in Beijing, and they agreed to strengthen cooperation in law enforcement.
They agreed not to provide shelter for the other side’s fugitives and would try to repatriate them in accordance with law. Specifically, Johnson also promised to actively support China’s “Sky Net” and “Fox Hunt” operations, which aim to bring back corrupt officials.
So the U.S. government’s decision to force China’s law enforcement stuff to leave the country obviously reveals that Washington lacks sincerity and has failed to translate its words into action.
Some analysts even say that the United States is reluctant to repatriate those corrupt officials for the sake of their money of course.
Therefore, the United States, as a country that often stresses the rule of law, should clarify the issue and by no means become a safe haven for Chinese criminal suspects.
The US may have decided this would be an easy way to push back on China, but that won’t prevent China from scoring points from it.
A key point in the ProPublica/NYT piece on AT&T’s close cooperation with the NSA (and, though not stated explicitly, other agencies) on spying is that AT&T was the telecom that helped NSA spy on the UN.
It provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the United Nations headquarters, a customer of AT&T.
If you read the underlying document, it actually shows that NSA had a traditional FISA order requiring the cooperation (remember, “agents of foreign powers,” as diplomats are, are among the legal wiretap targets under FISA, no matter what we might think about NSA spying on UN in our own country) — meaning whatever telecom serviced the UN legally had to turn over the data. And a big part of AT&T’s cooperation, in addition to technically improving data quality, involved filtering the data to help NSA avoid overload.
BLARNEY began intermittent enablement of DNI traffic for TOPI assessment and feedback. This feedback is being used by the BLARNEY target development team to support an ongoing filtering and throttling of data volumes. While BLARNEY is authorized full-take access under the NSA FISA, collected data volumes would flood PINWALE allocations within hours without a robust filtering mechanism.
In other words, AT&T helped NSA, ironically, by helping it limit what data it took in. Arguably, that’s an analytical role (who builds the algorithms in the filter?), but it’s one that limits how much actually gets turned over to the government.
That doesn’t mean the cooperation was any less valued, nor does it mean it didn’t go beyond what AT&T was legally obliged to do under the FISA order. But it’s not evidence AT&T would wiretap a non-legal (private corporation) target as a favor for NSA. That evidence may exist, somewhere, but it’s not in this story, except insofar as it mentions Stellar Wind, where AT&T was doing such things.
To be fair, AT&T’s UN cooperation is actually emphasized in this story because it was a key data point in the worthwhile ProPublica piece explaining how they proved Fairview was AT&T.
In April 2012, an internal NSA newsletter boasted about a successful operation in which NSA spied on the United Nations headquarters in New York City with the help of its Fairview and Blarney programs. Blarney is a program that undertakes surveillance that is authorized by the Foreign Intelligence Surveillance Court.
FAIRVIEW and BLARNEY engineers collaborated to enable the delivery of 700Mbps of paired packet switched traffic (DNI) traffic from access to an OC192 ring serving the United Nations mission in New York … FAIRVIEW engineers and the partner worked to provide the correct mapping, and BLARNEY worked with the partner to correct data quality issues so the data could be handed off to BLARNEY engineers to enable processing of the DNI traffic.
We found historical records showing that AT&T was paid $1 million a year to operate the U.N.’s fiber optic provider in 2011 and 2012. A spokesman for the U.N. secretary general confirmed that the organization “has a current contract with AT&T” to operate the fiber optic network at the U.N. headquarters in New York.
That is, the UN story is important largely because there are public records proving that AT&T was the provider in question, not because it’s the most egregious example of AT&T’s solicitous relationship with the nation’s spies.
Also in that story proving how they determined Fairview was AT&T and Stormbrew included Verizon was the slide above, bragging that the Comprehensive National Cybersecurity Initiative 100% subsidized Verizon’s Breckenridge site at a new cable landing carrying traffic from China.
It’s not entirely clear what that means — it might just refer to the SCIF, power supply, and servers needed to run the TURMOIL (that is, passive filtering) deployments the NSA wanted to track international traffic with China. But as ProPublica lays out, the NSA was involved the entire time Verizon was planning this cable landing. Another document on CNCI shows that in FY2010 — while significantly less than AT&T’s Fairview — NSA was dumping over $100M into Stormbrew and five times as much money into “cyber” than on FISA (in spite of the fact that they admit they’re really doing all this cybering to catch attacks on the US, meaning it has to ostensibly be conducted under FISA, even if FISC had not yet and may never have approved a cyber certificate for upstream 702). And those numbers date to the year after the Breckenridge project was put on line, and at a time when Verizon was backing off an earlier closer relationship with the Feds.
How much did Verizon really get for that cable landing, what did they provide in exchange, and given that this was purpose-built to focus on Chinese hacking 6 years ago, why is China still eating our lunch via hacking? And if taxpayers are already subsidizing Verizon 100% for capital investments, why are we still paying our cell phone bills?
Particularly given the clear focus on cyber at this cable landing, I recall the emphasis on Department of Commerce when discussing the government’s partnership with industry in PPD-20, covering authorizations for various cyber activities, including offensive cyberwar (note the warning I gave for how Americans would start to care about this Snowden disclosure once our rivals, like China, retaliate). That is, the government has Commerce use carrots and sticks to get cooperation from corporations, especially on cybersecurity.
None of this changes the fact that AT&T has long been all too happy to spy on its customers for the government. It just points to how little we know about these relationships, and how much quid pro quo there really is. We know from PRISM discussions that the providers could negotiate how they accomplished an order (as AT&T likely could with the order to wiretap the UN), and that’s one measure of “cooperation.” But there’s a whole lot else to this kind of cooperation.
Update: Credo released a statement in response to the story.
As a telecom that can be compelled to participate in unconstitutional surveillance, we know how important it is to fight for our customers’ privacy and only hand over information related to private communications when required by law,” said CREDO Mobile Vice President Becky Bond. “It’s beyond disturbing though sadly not surprising what’s being reported about a secret government relationship with AT&T that NSA documents describe as ‘highly collaborative’ and a ‘partnership, not a contractual relationship,’
CREDO Mobile supports full repeal of the illegal surveillance state as the only way to protect Americans from illegal government spying,” Bond continued, “and we challenge AT&T to demonstrate concern for its customers’ constitutional rights by joining us in public support of repealing both the Patriot Act and FISA Amendments Act.
ProPublica and NYT have an important story that confirms what we’ve long known — that AT&T, operating under the Fairview program — is all too happy to do business with the NSA. As part of the story, they note that in 2011, AT&T started providing cell data to NSA under the BR FISA program.
In 2011, AT&T began handing over 1.1 billion domestic cellphone calling records a day to the NSA after “a push to get this flow operational prior to the tenth anniversary of 9/11,” according to an internal agency newsletter. This revelation is striking because after Snowden disclosed the program of collecting the records of Americans’ phone calls, intelligence officials told reporters that, for technical reasons, it consisted mostly of landline phone records.
They base the claim on this document, which reads,
On 29 August, FAIRVIEW started delivering Mobility Business Records traffic into MAINWAY under the existing Business Record (BR) FISA authorization. The intent of the Business Records FISA program is to detect previously unknown terrorist threats in the United States through the cell chaining of metadata. This new metadata flow is associated with a cell phone provider and will generate an estimated 1.1 billion cellular records a day in addition to the 700M records delivered currently under the BR FISA. After extensive dialogue with the consumers of the BR data, repeated testing, a push to get this flow operational prior to the tenth anniversary of 9/11, and extensive coordination with external entities via our OGC (to include: FBI, DOJ, ODNI, and FISC) NSA received approval to initiate this dataflow on August 29, 2011. Analysts have already reported seeing BR Cellular records in the Counter Terrorism call-chaining database queries.
Though it provides important new context, that NSA started receiving mobile data on August 29, 2011 is not new news (though that it was getting it from AT&T is). The government released the notice it gave to the House Judiciary Committee that it was receiving that data in October 2013 under FOIA (indeed, this document is one I have pointed to to refute claims that the program didn’t collect cell data).
All that said, the notice, taken together with the context of the internal announcement, does explain more about why the NSA wasn’t getting as much cell data as they wanted.
In the case of Fairview and the collection started on August 29, 2011, the provider “remove[d] the cell [redacted] location information [redacted] before providing the CDRs to NSA.”
Before initiating the acquisition of mobility data, NSA undertook extensive testing to ensure strict compliance with the terms of the FISC Orders. The Court’s Orders are designed to protect the civil liberties and privacy interests of Americans. Following completion of testing, on 29 August 2011, NSA began to receive approximately [redacted] CDRs per day and enter these records into our BR FISA bulk metadata architecture.
[redacted] NSA requested that the [redacted] remove the cell [redacted] location information [redacted] before providing the CDRs to NSA. Consequently, NSA is not currently receiving this field as part of the data being acquired. [redacted]
As the NYT reported earlier this week, NSA had given Verizon Wireless a separate order for phone dragnet order in 2010. But the redaction in the notice to Congress on obtaining mobility data from a year later seems to address the problem with obtaining location information.
We know from the Congressional notice AT&T was willing to strip it. For a lot of reasons, it’s likely Verizon was unwilling to strip it.
This is one of the possible explanations I’ve posited for why NSA wasn’t getting cell data from Verizon, because any provider is only obliged to give business records they already have on hand, and it would be fairly easy to claim stripping the cell location data made it a new business record.
Which is another important piece of evidence for the case made against AT&T in the story. They were willing to play with records they were handing over to the government in ways not required by the law.
Though who knows if that remain(ed) the case? To get to the 30% figure quoted in all the pieces claiming NSA wasn’t getting cell data, you’d probably have to have AT&T excluded as well. So maybe after the Snowden releases, they, too, refused to do things they weren’t required to do by law (though because it had the Hemisphere database which could easily select records, that may have been harder to do).
Update: Adding that FISC took judicial notice of some magistrates’ rulings you needed more than a subpoena for location data in 2006, after Congress said you could only get what you could get with a subpoena in the 2006 PATRIOT Reauthorization. So it’s possible any squeamishness about location collection dates to that point, though we know FISC did still permit the government to get location data with 215 orders.
The NYT today:
The National Security Agency has used its bulk domestic phone records program to search for operatives from the government of Iran and “associated terrorist organizations” — not just Al Qaeda and its allies — according to a document obtained by The New York Times.
The inclusion of Iran and allied terrorist groups — presumably the Shiite group Hezbollah — and the confirmation of the names of other participating companies add new details to public understanding of the once-secret program. The Bush administration created the program to try to find hidden terrorist cells on domestic soil after the attacks of Sept. 11, 2001, and government officials have justified it by using Al Qaeda as an example.
emptywheel, 15 months ago:
I want to post Dianne Feinstein’s statement about what Section 215 does because, well, it seems Iran is now a terrorist. (This is around 1:55)
The Section 215 Business Records provision was created in 2001 in the PATRIOT for tangible things: hotel records, credit card statements, etcetera. Things that are not phone or email communications. The FBI uses that authority as part of its terrorism investigations. The NSA only uses Section 215 for phone call records — not for Google searches or other things. Under Section 215, NSA collects phone records pursuant to a court record. It can only look at that data after a showing that there is a reasonable, articulable that a specific individual is involved in terrorism, actually related to al Qaeda or Iran. At that point, the database can be searched. But that search only provides metadata, of those phone numbers. Of things that are in the phone bill. That person, um [flips paper] So the vast majority of records in the database are never accessed, and are deleted after a period of five years. To look at, or use content, a court warrant must be obtained.
Is that a fair description, or can you correct it in any way?
Keith Alexander: That is correct, Senator. [underline/italics added]
Some time after this post Josh Gerstein reported on Keith Alexander confirming the Iran targeting.
The NYT today:
One document also reveals a new nugget that fills in a timeline about surveillance: a key date for a companion N.S.A. program that collected records about Americans’ emails and other Internet communications in bulk. The N.S.A. ended that program in 2011 and declassified its existence after the Snowden disclosures.
In 2009, the N.S.A. realized that there were problems with the Internet records program as well and turned it off. It then later obtained Judge Bates’s permission to turn it back on and expand it.
emptywheel in November 2013:
I’ve seen a lot of outright errors in the reporting on the John Bates opinion authorizing the government to restart the Internet metadata program released on Monday.
Bates’ opinion was likely written in July 2010.
It had to have been written after June 21, 2010 and probably dates to between June 21 and July 23, 2010, because page 92 footnote 78 cites Holder v. HLP (which was released on June 21), but uses a “WL” citation; by July 23 the “S. Ct.” citation was available. (h/t to Document Exploitation for this last observation).
So: it had to have been written between June 21, 2010 and October 3, 2011, but was almost certainly written sometime in the July 2010 timeframe.
The latter oversight is understandable, as this story — which has been cited in court filings — misread Claire Eagan’s discussions of earlier bulk opinions, which quoted several sentences of Bates’ earlier one (though it was not the among the stories that really botched the timing of the Bates opinion).
In September, the Obama administration declassified and released a lengthy opinion by Judge Claire Eagan of the surveillance court, written a month earlier and explaining why the panel had given legal blessing to the call log program. A largely overlooked passage of her ruling suggested that the court has also issued orders for at least two other types of bulk data collection.
Specifically, Judge Eagan noted that the court had previously examined the issue of what records are relevant to an investigation for the purpose of “bulk collections,” plural. There followed more than six lines that were censored in the publicly released version of her opinion.
There have been multiple pieces of evidence to confirm my earlier July 2010 deduction since.
The big news in the NYT story (though not necessarily the NYT documents, which I’ll return to) is that in 2010, Verizon Wireless also received phone dragnet orders. I’ll return to what that tells us too.
But the news that Iran was targeted under the phone dragnet was confirmed publicly — and reported here — in a prepared statement from the Senate Intelligence Chair and confirmed by the Director of National Security Agency a week after the first Snowden leak story.
One of the most contentious exchanges in last night’s debate came when Megyn Kelly raised Chris Christie’s past attacks on Rand Paul for opposing the bulk dragnet.
KELLY: Alright, gentlemen, we’re gonna switch topics now and talk a bit about terror and national security.
Governor Christie. You’ve said that Senator Paul’s opposition to the NSA’s collection of phone records has made the United States weaker and more vulnerable, even going so far as to say that he should be called before Congress to answer for it if we should be hit by another terrorist attack.
Do you really believe you can assign blame to Senator Paul just for opposing he bulk collection of people’s phone records in the event of a terrorist attack?
CHRISTIE: Yes, I do. And I’ll tell you why: because I’m the only person on this stage who’s actually filed applications under the Patriot Act, who has gone before the federal — the Foreign Intelligence Service court, who has prosecuted and investigated and jailed terrorists in this country after September 11th.
I was appointed U.S. attorney by President Bush on September 10th, 2001, and the world changed enormously the next day, and that happened in my state.
This is not theoretical to me. I went to the funerals. We lost friends of ours in the Trade Center that day. My own wife was two blocks from the Trade Center that day, at her office, having gone through it that morning.
Never mind that most US Attorneys don’t, themselves, go before the FISC to present cases (usually it is people from the National Security Division, though it was OIPR when Christie was US Attorney), never mind that the name of the court is the “Foreign Intelligence Surveillance Court.
The real doozie here is Chris Christie’s claim that he “was appointed U.S. attorney by President Bush on September 10th, 2001.”
On December 7, 2001 — three months after the attacks — President Bush released this notice of nomination.
The President intends to nominate Christopher J. Christie to be United States Attorney for the District of New Jersey. Christie has been a partner with Dughi, Hewitt and Palatucci of Cranford, New Jersey since 1987. He is a graduate of the University of Delaware and Seton Hall University School of Law.
Christie was confirmed quickly and started as US Attorney in January 2002.
Now, maybe Bush spoke with his big New Jersey fundraiser Chris Christie and assured him the payoff — in the form of a key appointment — would be coming. Maybe that conversation even happened on September 10.
But it is not the case that he was nominated on September 10.
I attribute this fib — like the mistakes about the name of FISC — to be bluster and debate confusion. What I find more offensive is that Andrea Mitchell, when hailing Christie’s national security credentials later in the night, literally claimed he was nominated on September 10 and started on September 12.
And there’s a far bigger subtext here.
Christie implies he was involved in the dragnet in question. He was US Attorney from January 2002 to December 2008 — so he in fact would have been in office during the two years when the phone dragnet worked through the Servic–um, Surveillance court, and four years of the Internet dragnet. But if, as he implies, he was involved in the dragnet for the entire span of his tenure — and remember, there were huge cases run out of Trenton right out of 9/11 — then he was also using the fruits of illegal wiretapping to do his job. Not Servic — um, Surveillance court authorized dragnets and wiretaps, but also illegal wiretaps.
Which may explain why he’s so invested in rebutting any questions about the legitimacy of the program.
Update: Here’s what his official biography says about his tenure as US Attorney. (h/t JH)
Christie was named U.S. Attorney for the District of New Jersey in 2002. As the chief federal law enforcement officer in New Jersey, earning praise from leaders in both parties and drawing national attention for his efforts in battling political corruption, corporate crime, human trafficking, gangs, terrorism and environmental polluters.
Update: In an absolutely hysterical attempt to rebut the clear fact that he was not nominated when he said he was, Christie’s people said he was informed he would be on September 10 at 4:30 (as I suggested was likely). But the rest of the explanation makes it clear they hadn’t even done a background check yet!
The intervening crisis caused by the terrorist attacks on New York and Washington then delayed action on the nomination. In the interview for the book, Christie said he didn’t hear again from the White House for two weeks and that things were slowed because there were no available FBI agents to do background checks, as they had been assigned to investigating the 9/11 attacks.
As part of today’s Senate Judiciary Hearing on DOJ OLC’s decision to make DOJ’s Inspector General ask nicely before it gets certain kinds of materials it needs to conduct its work, John Cornyn asked what changed in 2010 to make the FBI start pushing back against sharing information freely with the IG.
Inspector General Michael Horowitz responded,
I was not the Inspector General at that time, but my understanding is that the memos and decisions from the legal counsel at the FBI followed several OIG reviews of the handling of National Security Letters, Exigent Letters, and other hard-hitting OIG reviews, because there was no other change in the law, no policy change, no regulatory change…
Horowitz is suggesting that because Horowitz’ predecessor, Glenn Fine, released reports that showed FBI abuse of national security programs, FBI started pushing back against sharing information. The claim is particularly interesting given that the Exigent Letters report, which was released in January 2010, significantly implicated FBI’s General Counsel’s office, including then General Counsel and now lifetime appointed judge (with Cornyn’s backing) Valerie Caproni.
The suggestion is also interesting given that Fine resigned in 2010 after starting an investigation into the use ofSection 215 and PRTT. It took years before DOJ had a working Inspector General again, resulting in a long delay before Congress got another report on how the government was using the phone dragnet.
All of which is all the more troubling, given that Horowitz revealed that,
Just yesterday, I’m told, in our review of the FBI’s use of the bulk telephony statute, a review that this committee has very much been interested in our doing, we got records with redactions, not for grand jury, Title III, or fair credit information, because those have been dealt with, but for other areas that the FBI has identified legal concerns about.
This is particularly troubling given that just weeks ago the USA Freedom Act mandated certain IG reviews of phone dragnet activities.
But the FBI is still obstructing such efforts.
I Con the Record just announced that the NSA will make the phone dragnet data it has “analytically unavailable” after the new system goes live in November, and unavailable even to techs three months later.
On June 29, 2015, the Foreign Intelligence Surveillance Court approved the Government’s application to resume the Section 215 bulk telephony metadata program pursuant to the USA FREEDOM Act’s 180-day transition provision. As part of our effort to transition to the new authority, we have evaluated whether NSA should maintain access to the historical metadata after the conclusion of that 180-day period.
NSA has determined that analytic access to that historical metadata collected under Section 215 (any data collected before November 29, 2015) will cease on November 29, 2015. However, solely for data integrity purposes to verify the records produced under the new targeted production authorized by the USA FREEDOM Act, NSA will allow technical personnel to continue to have access to the historical metadata for an additional three months.
Separately, NSA remains under a continuing legal obligation to preserve its bulk 215 telephony metadata collection until civil litigation regarding the program is resolved, or the relevant courts relieve NSA of such obligations. The telephony metadata preserved solely because of preservation obligations in pending civil litigation will not be used or accessed for any other purpose, and, as soon as possible, NSA will destroy the Section 215 bulk telephony metadata upon expiration of its litigation preservation obligations.
As I understand it, whatever data has been found to be two or three degrees of separation from a baddie will remain in NSA’s maw, but the data that has never returned off a search will not.
I’m pleasantly surprised by this, as I suspect it reflects a decision to accept the Second Circuit verdict in ACLU v. Clapper and to move to shut down other lawsuits.
As I noted, two weeks ago, the ACLU moved for an injunction against the dragnet, which not only might have led to the Second Circuit ordering the government to purge ACLU’s data right away (and possibly, to stop collecting all data), but also basically teed up the Second Circuit to remind the FISC it is not an appellate court. I worried that would lead the FISC to ask FISCR to review its dragnet decisions under a provision newly provided under the USA F-ReDux.
Shortly after ACLU filed its request for an injunction, the government asked for an extension to … today, which the court granted.
So I assume we’ll shortly see that filing arguing that, since the government has voluntarily set a purge date for all the dragnet data, ACLU should not get its injunction.
That doesn’t necessarily rule out a FISCR fast track request, but I think it makes it less likely.
The other player here, however, is the EFF.
I believe both ACLU and EFF’s phone dragnet client Council on American Islamic Relations, had not only standing as clients of dragnetted companies, but probably got swept up in the two-degree dragnet. But CAIR probably has an even stronger case, because it is public that FISC approved a traditional FISA order against CAIR founder Nihad Awad. Any traditional FISA target has always been approved as a RAS seed to check the dragnet, and NSA almost certainly used that more back when Awad was tapped, which continued until 2008. In other words, CAIR has very good reason to suspect the entire organization has been swept up in the dragnet and subjected to all of NSA’s other analytical toys.
EFF, remember, is the one NGO that has a preservation order, which got extended from its earlier NSA lawsuits (like Jewel) to the current dragnet suit. So when I Con the Record says it can’t destroy all the data yet, it’s talking EFF, and by extension, CAIR. So this announcement — in addition to preparing whatever they’ll file to get the Second Circuit off its back — is likely an effort to moot that lawsuit, which in my opinion poses by far the biggest threat of real fireworks about the dragnet (not least because it would easily be shown to violate a prior SCOTUS decision prohibiting the mapping of organizations).
We’ll see soon enough. For the moment, though, I’m a bit surprised by the cautious approach this seems to represent.
Update: Timeline on data availability fixed.
Update: Here’s the government’s brief submitted today. I’m rather intrigued by how often the brief claims USA F-ReDux was about bulk “telephony” data when it was supposed to be about all bulk collection. But I guess I can return to that point.
Update: They depart from describing USA F-ReDux as a ban bulk collection of telephony when they describe it as a ban on collection of bulk collection under Section 215, also not what the bill says.
Part of the compromise on which Congress settled, which the President supported, was to add an unequivocal ban on bulk collection under Section 215 specifying that “[n]o order issued under” Section 215(b)(2) “may authorize collection of tangible things without the use of a specific selection term that meets the requirements” of that subsection.
Update: This is key language — and slightly different from what they argued before FISC. I will return to it.
Plaintiffs assert that, by not changing the language of Section 215 authorizing the collection of business records during the transition period, Congress implicitly incorporated into the USA FREEDOM Act this Court’s opinion holding that Section 215 did not authorize bulk collection. See Pls.’ Mot. 7- 8. Plaintiffs rely on language providing that the legislation does not “alter or eliminate the authority of the Government to obtain an order under” Section 215 “as in effect prior to the effective date” of the statute. USA FREEDOM Act § 109, 129 Stat. at 276. That language does not advance plaintiffs’ argument, however, because the statute says nothing expressly about what preexisting authority the government had under Section 215 to obtain telephony metadata in bulk. It is implausible that Congress employed the word “authority” to signify that the government lacked authority to conduct the Section 215 bulk telephony-metadata program during the 180-day transition period, contrary to the FISC’s repeated orders and the Executive Branch’s longstanding and continuing interpretation and application of the law, and notwithstanding the active litigation of that question in this Court. That is especially so because language in the USA FREEDOM Act providing for the 180-day transition period has long been a proposed feature of the legislation. It is thus much more plausible that the “authority” Congress was referring to was not the understanding of Section 215 reflected in this Court’s recent interpretation of Section 215, but rather the consistent interpretation of Section 215 by 19 different FISC judges: to permit bulk collection of telephony metadata.
The Senate Intelligence Authorization is now available here.
In addition to language requiring social media companies to report terrorist activity on their network to the government — which yesterday Jim Comey said they didn’t need — it has a provision that might to lead to data retention mandates under USA F-ReDux. It requires reporting if any provider stops retaining call detail records at least 18 months.
SEC. 602. NOTIFICATION OF CHANGES TO RETENTION OF CALL DETAIL RECORD POLICIES.
(a) Requirement To Retain.—Not later than 15 days after learning that an electronic communication service provider that generates call detail records in the ordinary course of business has changed its policy on the retention of such call detail records to result in a retention period of less than 18 months, the Director of National Intelligence shall provide written notification of such change to the congressional intelligence committees.
(b) Definitions.—In this section:
(1) CALL DETAIL RECORD.—The term “call detail record”—
(A) means session-identifying information (including an originating or terminating telephone number, an International Mobile Subscriber Identity number, or an International Mobile Station Equipment Identity number), a telephone calling card number, or the time or duration of a call; and
(B) does not include—
(i) the contents (as defined in section 2510(8) of title 18, United States Code) of any communication;
(ii) the name, address, or financial information of a subscriber or customer; or
(iii) cell site location or global positioning system information.
(2) ELECTRONIC COMMUNICATION SERVICE.—The term “electronic communication service” has the meaning given that term in section 2510 of title 18, United States Code. [my emphasis]
The important details of this provision, however, are in the definitions.
This retention requirement applies to all electronic communication service providers that generate call detail records. That means it applies not just to telecoms, traditionally defined, but also to internet service providers. And the definition of call detail record relies on “session identifier,” not any phone call made.
That either confirms that USA F-ReDux will apply to Internet companies as well as phone companies, and/or it suggests SSCI wants data retention to apply to far more than just the newfangled phone dragnet.