702 Reauthorization Bill: Why a Back Door Fix for Criminal Searches Is Meaningless

In this post, I explained how the House Judiciary Committee Section 702 reauthorization bill only closes the back door search loophole for “quer[ies] for evidence of a crime.” In addition, they let the government define what a “query reasonably designed for the primary purpose of returning foreign intelligence information” is, which means they’re basically punting on defining it themselves until 2023.

Given that treatment, the back door search fix is virtually useless, because for every search that might return the communications of an American, the government can always claim they’re considering recruiting the American as an informant.

Any communication queryable by back door search by definition involves a person of interest for a foreign intelligence reason

To understand why, first remember why FBI would get this information in the first place. They can only get raw 702 data if they have an active full investigation — and by definition, the targets of that that active full investigation are going to be targeted for the same reasons the target would be targeted by NSA, because they are of national security interest, pertaining to counterterrorism, counterproliferation, and counterintelligence/nation-state hacking.

Thus, any American whose communications might come up in a back door search will — by definition — be someone talking to a target of interest. That doesn’t mean they’re talking to a “bad guy,” as US national security professionals insist on speaking of adversaries. They’re just someone who has foreign intelligence information related to one of those three-plus topics.

Since 2002, the government has insisted that any crime — including rape — can be foreign intelligence information

The precedent that determined the limits of the government’s use of FISA-obtained information in criminal proceedings came in the 2002 In Re Sealed case challenge where the FISA Court of Review deemed the PATRIOT Act’s adoption of “significant purpose” language in FISA targeting to permit the sharing of information for criminal purposes.

As part of that case, the government claimed it could use criminal information to recruit a foreign spy.

Thus, for example, where information is relevant or necessary to recruit a foreign spy or terrorist as a double agent, that information is “foreign intelligence information” if the recruitment effort will “protect against” espionage or terrorism.

[snip]

Whether the government intends to prosecute a foreign spy or recruit him as a double agent (or use the threat of the former to accomplish the latter), the investigation will often be long range, involve the interrelation of various sources and types of information, and present unusual difficulties because of the special training and support available to foreign enemies of this country. [my emphasis]

During the hearing, FISCR judge Laurence Silberman tried to get Solicitor General Ted Olson to envision some kind of crime that couldn’t be used for foreign intelligence purpose, suggesting rape. But even that, Olson argued, could be deemed foreign intelligence information, because the government could use evidence of rape to coerce someone to become an informant.

OLSON: And it seems to me, if anything, it illustrates the position that we’re taking about here. That, Judge Silberman, makes it clear that to the extent a FISA-approved surveillance uncovers information that’s totally unrelated — let’s say, that a person who is under surveillance has also engaged in some illegal conduct, cheating —

JUDGE LEAVY: Income tax.

SOLICITOR GENERAL OLSON: Income tax. What we keep going back to is practically all of this information might in some ways relate to the planning of a terrorist act or facilitation of it.

JUDGE SILBERMAN: Try rape. That’s unlikely to have a foreign intelligence component.

SOLICITOR GENERAL OLSON: It’s unlikely, but you could go to that individual and say we’ve got this information and we’re prosecuting and you might be able to help us. I don’t want to foreclose that.

JUDGE SILBERMAN: It’s a stretch.

SOLICITOR GENERAL OLSON: It is a stretch but it’s not impossible either. [my emphasis]

The previous year, in 2001, the government had used the threat of a rape prosecution against Abu Zubaydah’s brother, Hesham Abu Zubaydah (who had had calls with his brother picked up on wiretaps), to convince him to become an informant. The FISCR decision certainly didn’t endorse approving individual FISA warrants to find proof of crimes that could be used to flip people. But neither did it place meaningful limits (and why should it, given that in those halcyon days all FISA orders were individualized).

In years since then, the government has repeatedly told the FISC they’re using programmatic spying to find informants. In both 2006 and 2009 it said it would use the phone dragnet “to discover individuals willing to become U.S. Government assets.” (see PDF 22 for citations to two Keith Alexander statements) That’s also one way the FBI measured the efficacy of Stellar Wind.

The Gartenlaub case shows FBI will use kiddie porn to (attempt to recruit) foreign intelligence informants

This is one reason the Keith Gartenlaub case is so important, in which the government used a criminal warrant, then a FISA warrant, then another criminal warrant to obtain evidence that Gartenlaub had nine-year old kiddie porn on his hard drives. The government justified all those warrants based on the claim that Gartenlaub was working with his Chinese in-laws — who always got described as influential in China — to steal Boeing information to share with China. Ultimately, they found no evidence of that.

I will eventually show evidence that the government also used Section 702 against Gartenlaub, probably (at a minimum) to obtain the Skype conversations he had with his in-laws, who would be targetable as influential Chinese citizens.

In any case, in association with the Gartenlaub case, the government changed both the individual FISA and the Section 702 minimization procedures to permit the sharing of data collected under FISA with the National Center for Missing and Exploited Children, meaning they can use FISA to obtain information on kiddie porn in the name of foreign intelligence collection.

After they indicted Gartenlaub, the government offered to drop the charges for information on the spying with China.

During his initial appearance in a federal courthouse in Santa Ana, Calif., the prosecutors indicated a willingness to reduce or drop the child pornography charges if he would tell them about the C-17, said Sara Naheedy, Gartenlaub’s attorney at the time.

Even at that late date, after eighteen months, two criminal warrants, and a FISA warrant, the government was treating Gartenlaub’s alleged kiddie porn possession as potential foreign intelligence information.

One purpose of assessments — and queries conducted under them — is to assess people to become informants

Every description of back door searches is clear: FBI can use them at the assessment level (that is, when they’re trying to figure out whether to open a full investigation).

[W]henever the FBI opens a new national security investigation or assessment, FBI personnel will query previously acquired information from a variety of sources, including Section 702, for information relevant to the investigation or assessment. With some frequency, FBI personnel will also query this data, including Section 702– acquired information, in the course of criminal investigations and assessments that are unrelated to national security efforts. In the case of an assessment, an assessment may be initiated “to detect, obtain information about, or prevent or protect against federal crimes or threats to the national security or to collect foreign intelligence information.

And FBI’s Domestic Investigations and Operations Guide is equally clear: the FBI uses assessments to determine whether people would make good informants. For example, the DIOG describes this scenario — which sounds just like what happened to Professor Xiaoxiang Xi — among its scenarios for using assessments.

A field office has a Full Investigation open on a group of individuals from country X believed to be targeting engineers and high-tech workers involved in the production of semiconductor chips. Evidence in the Full Investigation suggests that the individuals from country X are attempting to recruit the engineers and high tech workers to steal information regarding the semiconductor chips in exchange for money. During the investigation, an engineer who travels frequently to country X has been identified.

Information developed during the Predicated Investigation may be used to determine whether the engineer should be viewed as a subject of the investigation or a potential [Confidential Human Source]. If the engineer is determined to be a subject of the Full Investigation, a Type 5 Assessment may not be opened and the engineer needs to be opened as the target of a Full Investigation. If the primary focus of the FBI’s interest is to determine whether the individual may be a potential source, a Type 5 Assessment should be opened to collect information necessary to determine whether the FBI should attempt to recruit the engineer as a CHS. (PDF 117)

Remember: the FBI can obtain any 702 data related to a full investigation like the one described here. And Chinese scientists suspected of IP theft would be clear targets under the Foreign Government certificate. So it is solidly within the realm of possibility that the government would target Chinese scientists, obtain conversations (like the one that Xi got targeted for) about semiconductors, and then find that information at a later time when researching the American whose communication got collected incidentally.

That’s the problem with trying to fix the back door loophole while still permitting back door searches for foreign intelligence assessments: because it’s not until the government pulls up the information at the assessment stage — and it may well be years later, as was the case for Gartenlaub — that the government decides whether they’re going to use it and its fruits as foreign intelligence or criminal information.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Maybe FBI Has Lost Track of Who the Informants Are?

Here are all the informants and undercover employees listed in the criminal complaint against Erick Hendricks, who was arrested for conspiring to materially support ISIL in relation to the Garland, TX attack:

  • CHS-1: a paid informant for the last year and a half with a criminal record of fraud and forgery who has not (yet?) received sentencing benefits for his cooperation; he met with Hendricks in Baltimore.
  • CHS2: a paid informant for the last 4 years with no known criminal history; he posed as someone wanting to join ISIL.
  • CHS-3: a paid informant for the last 4 and a half years with no known criminal history; Hendricks instructed CHS-3 to assess UCE-1 for recruitment.
  • CHS-4: a paid informant for the last 4 years with no known criminal history; Hendricks provided him with jihadist propaganda on social media. He also met with Hendricks in Baltimore, at a later date.
  • UCE-1: an undercover officer had conversations directly with Hendricks that mirrored those Hendricks had with a cooperating witness. UCE-1 also incited and then was present for the Garland attack.

Not mentioned at all in this narrative is the role played by Joshua Goldberg, a Jewish guy who adopted many avatars online to incite all kinds of violence, including, under the name of Australi Witness, Garland. In December Goldberg was deemed incompetent to stand trial, though in June it was decided with more treatment he might become competent enough to stand trial, so they’re going to check again in four months.

So, the cell that committed the Garland attack consisted of the two now-dead perpetrators, four informants, an undercover FBI officer, a mentally ill troll, and Hendricks.

Only now, Hendricks claims he was an informant too!

Hendricks claims to have been a paid informant of the FBI since 2009 who helped the agency identify potential terrorists. Code name: “Ahkie,” a variation of the Muslim term for “brother.”

He also claims to have been an outspoken and longtime opponent of radical Islam.

“I have publicly, privately and consistently denounced Al-Qaeda, ISIS and all extremist groups,” Hendricks said in a statement that Lisa Woods says her son dictated during a Wednesday phone call from the jail.

“I am baffled as to why the FBI (is) accusing me of terrorist ties.”

[snip]

In his statement, Hendricks says the FBI first made contact with him in 2009, when as Mustafa Abu Maryam, Hendricks was the youth coordinator of the Islamic Circle of North America Center in Alexandria, Va.

[snip]

In his jail statement, Hendricks says he was recruited in 2009 by an FBI agent named David to help identify potential terrorists. In 2010, after Hendricks had moved to Columbia, he says he worked with another FBI agent named Steve. Altogether, Hendricks claims to have developed “at least a half-dozen” cases against extremists.

Has the FBI simply lost track of who are real and who are the people it is paying to play a role? Or is it possible someone from another agency, claiming to be FBI, recruited Hendricks (don’t laugh! That’s one potential explanation for Anwar al-Awlaki’s curious ties to US law enforcement, a story that wends its way through a related mosque in VA)?

Sure, maybe Hendricks is making all this up (at the very least, it may necessitate the BoP to protect him in prison since he has now publicly claimed to be a narc). But FBI’s network of informants sure is getting confusing.

 

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Former Top Holder Aide Says Back Door Searches Violate Fourth Amendment; FISC Judge Thomas Hogan Doesn’t Care

My apologies to Amy Jeffress.

When I first realized that FISA Court Presiding Judge Thomas Hogan picked her to serve as amicus for the review of the yearly 702 certifications last year, I complained that she, not Marc Zwillinger, got selected (the pick was made in August, but Jeffress would later be picked as one of the standing amicus curiae, along with Zwillinger). After all, Zwillinger has already argued that PRISM (then authorized by Protect America Act) was unconstitutional when he represented Yahoo in its challenge of the program. He’s got experience making this precise argument. Plus, Jeffress not only is a long-time national security prosecutor and former top Eric Holder aide, but she has been involved in some actions designed to protect the Executive. I still think Zwillinger might have done a better job. But Jeffress nevertheless made what appears to be a vigorous, though unsuccessful, argument that FBI’s back door searches of US person data are unconstitutional.

A former top DOJ lawyer believes FBI’s back door queries are unconstitutional

But it says a lot that Jeffress — someone who narrowly missed being picked as Assistant Attorney General for National Security and who presumably got at least some visibility on back door searches when working with Holder — argued that FBI’s warrantless back door searches of communications collected under Section 702 is unconstitutional. (I presume it would be unethical for Jeffress to use information learned while counseling Holder in this proceeding, which might have put her in an interesting position of knowing more than she could say.)

Sadly, Hogan didn’t care. Worse, his argument for not caring doesn’t make sense. As I’ll note, not only did Hogan pick a less than optimal person to make this argument, but he may have narrowly scoped her input, which may have prevented her from raising evidence in Hogan’s own opinion that his legal conclusion was problematic.

To be clear, Jeffress was no flaming hippie. She found no problem with the NSA and CIA practice of back door searches, concluding, “that the NSA and CIA minimization procedures are sufficient to ensure that the use of U.S. person identifiers for th[e] purpose of [querying Section 702-acquired information] complies with the statutory requirements of Section 702 and with the Fourth Amendment.” But she did find the FBI practice problematic.

Jeffress’ amicus brief included at least 10 pages of discussion of her concerns with the practice, though ODNI did not release her brief and Hogan cited very limited bits of it. She argued, “the FISA process cannot be used as a device to investigate wholly unrelated ordinary crimes” and said because the queries could do so they “go far beyond the purpose for which the Section 702-acquired information is collected in permitting queries that are unrelated to national security.”

To dismiss Jeffress’ arguments, Hogan does several things. He,

  • Notes the statute requires foreign intelligence just be “a significant purpose” of the collection, and points back to the 2002 In Re Sealed Case FISCR decision interpreting the “significant purpose” language added in the PATRIOT Act to permit the use of traditional FISA information for prosecutions
  • Cites the FISA minimization procedure language that “allow[s] for the retention and dissemination of information that is evidence of a crime which has been, is being, or is about to be committed”
  • Dismisses a former top DOJ official’s concerns about the use of FISA data for non-national security crimes as “hypothetical”
  • Doesn’t address — at all — language in the FBI minimization procedures that permits querying of data for assessments and other unspecified uses
  • Invests a lot of faith in FBI’s access and training requirements that later parts of his opinion undermine

There are several problems with his argument.

In Re Sealed Case ties “significant purpose” to the target of an interception

First, Hogan extends the scope of what the FISA Court of Review interpreted the term “significant purpose,” which got added to traditional FISA in the PATRIOT Act and then adopted in FISA Amendments Act.

Hogan cites the FISCR decision in In Re Sealed Case to suggest it authorized the use of information against non-targets of surveillance. He does so by putting the court’s ultimate decision after caveats it uses to modify that. “The Court of Review concluded that it would be an “anomalous reading” of the “significant purpose” language of 50 U.S.C. § 1804(a)(6)(B) to allow the use of electronic surveillance in such a case. See id. at 736. The Court nevertheless stressed, however, that “[s]o long as the government entertains a realistic option of dealing with the agent other than through criminal prosecution that it satisfies the significant purpose test.”

But that’s not what FISCR found. Here’s how that reads in the original, with Hogan’s citations emphasized.

On the one hand, Congress did not amend the definition of foreign intelligence information which, we have explained, includes evidence of foreign intelligence crimes. On the other hand, Congress accepted the dichotomy between foreign intelligence and law enforcement by adopting the significant purpose test. Nevertheless, it is our task to do our best to read the statute to honor congressional intent. The better reading, it seems to us, excludes from the purpose of gaining foreign intelligence information a sole objective of criminal prosecution. We therefore reject the government’s argument to the contrary. Yet this may not make much practical difference. Because, as the government points out, when it commences an electronic surveillance of a foreign agent, typically it will not have decided whether to prosecute the agent (whatever may be the subjective intent of the investigators or lawyers who initiate an investigation). So long as the government entertains a realistic option of dealing with the agent other than through criminal prosecution, it satisfies the significant purpose test.

The important point is–and here we agree with the government–the Patriot Act amendment, by using the word “significant,” eliminated any justification for the FISA court to balance the relative weight the government places on criminal prosecution as compared to other counterintelligence responses. If the certification of the application’s purpose articulates a broader objective than criminal prosecution–such as stopping an ongoing conspiracy–and includes other potential non-prosecutorial responses, the government meets the statutory test. Of course, if the court concluded that the government’s sole objective was merely to gain evidence of past criminal conduct–even foreign intelligence crimes–to punish the agent rather than halt ongoing espionage or terrorist activity, the application should be denied.

The government claims that even prosecutions of non-foreign intelligence crimes are consistent with a purpose of gaining foreign intelligence information so long as the government’s objective is to stop espionage or terrorism by putting an agent of a foreign power in prison. That interpretation transgresses the original FISA. It will be recalled that Congress intended section 1804(a)(7)(B) to prevent the government from targeting a foreign agent when its “true purpose” was to gain non-foreign intelligence information–such as evidence of ordinary crimes or scandals. See supra at p.14. (If the government inadvertently came upon evidence of ordinary crimes, FISA provided for the transmission of that evidence to the proper authority. 50 U.S.C. § 1801(h)(3).) It can be argued, however, that by providing that an application is to be granted if the government has only a “significant purpose” of gaining foreign intelligence information, the Patriot Act allows the government to have a primary objective of prosecuting an agent for a non-foreign intelligence crime. Yet we think that would be an anomalous reading of the amendment. For we see not the slightest indication that Congress meant to give that power to the Executive Branch. Accordingly, the manifestation of such a purpose, it seems to us, would continue to disqualify an application. That is not to deny that ordinary crimes might be inextricably intertwined with foreign intelligence crimes. For example, if a group of international terrorists were to engage in bank robberies in order to finance the manufacture of a bomb, evidence of the bank robbery should be treated just as evidence of the terrorist act itself. But the FISA process cannot be used as a device to investigate wholly unrelated ordinary crimes.

Hogan ignores three key parts of this passage. First, FISCR’s decision only envisions the use of evidence against the target of the surveillance, not against his interlocutors, to in some way neutralize him. Any US person information collected and retained under 702 is, by definition, not the targeted person (whereas he or she might be in a traditional FISA order). Furthermore, FBI’s queries of information collected under 702 will find and use information that has nothing to do with putting foreign agents in prison — that is, to “investigate wholly unrelated ordinary crimes,” which FISCR prohibited. Finally, by searching data that may be years old for evidence of a crime, FBI is, in effect, “gaining evidence of past criminal conduct” — itself prohibited by FISCR — of someone who isn’t even the target of the surveillance.

Hogan only treats querying for criminal purposes

Having, in my opinion, expanded on what FISCR authorized back in 2002, Hogan then ignores several parts of what FBI querying permits.

Here’s (some of) the language FBI added to its minimization procedures, at the suggestion of PCLOB, to finally, after 8 years, fully disclose what it was doing to the FISC.

It is a routine and encouraged practice for FBI to query databases containing lawfully acquired information, including FISA-acquired information, in furtherance of the FBI’s authorized intelligence and law enforcement activities, such as assessments, investigations and intelligence collection. Section III.D governs the conduct of such queries. Examples of such queries include, but are not limited to, queries reasonably designed to identify foreign intelligence information or evidence of a crime related to an ongoing authorized investigation or reasonably designed queries conducted by FBI personnel in making an initial decision to open an assessment concerning a threat to national security, the prevention or protection against a Federal crime, or the collection of foreign intelligence, as authorized by the Attorney General Guidelines. These examples are illustrative and neither expand nor restrict the scope of the queries authorized in the language above.

This language makes clear FBI may do back door searches for:

  • To identify foreign intelligence information
  • To identify evidence of a crime related to an ongoing investigation
  • To decide whether to open an assessment concerning a threat to national security, the prevention or protection against a Federal crime, or the collection of foreign intelligence
  • Other things, because FBI’s use of such queries “are not limited to” these uses

Given Hogan’s stingy citations from Jeffress’ brief, it’s unclear how much of these things she addressed (or whether she was permitted to introduce knowledge gained from having worked closely with Eric Holder when these back door searches were being formalized).

Read more

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

NSA’s Dragnet Failed to “Correlate” David Headley’s Identity, One of Its Core Functions

In a piece on the GCHQ and NSA failure to identify David Headley’s role in the Mumbai terrorist attack, ProPublica quotes former CIA officer Charles Faddis on the value of bulk surveillance.

“I’m not saying that the capacity to intercept the communications is not valuable,” said Charles (Sam) Faddis, a former C.I.A. counterterror chief. “Clearly that’s valuable.” Nonetheless, he added, it is a mistake to rely heavily on bulk surveillance programs in isolation.

“You’re going to waste a lot of money, you’re going to waste a lot of time,” Faddis said. “At the end, you’re going have very little to show for it.”

The article as a whole demonstrates that in a manner I’m fairly shocked about. The NSA failed to recognize what it had in intelligence collected on Headley’s role in the attack even after the attack because they hadn’t correlated his known birth name with the name he adopted in the US.

Headley represents another potential stream of intelligence that could have made a difference before Mumbai. He is serving 35 years in prison for his role. He was a Pakistani-American son of privilege who became a heroin addict, drug smuggler and DEA informant, then an Islamic terrorist and Pakistani spy, and finally, a prize witness for U.S. prosecutors.

In recounting that odyssey, we previously explored half a dozen missed opportunities by U.S. law enforcement to pursue tips from Headley’s associates about his terrorist activity. New reporting and analysis traces Headley’s trail of suspicious electronic communications as he did reconnaissance missions under the direction of Lashkar and Pakistan’s Inter-Services Intelligence Directorate (ISI).

Headley discussed targets, expressed extremist sentiments and raised other red flags in often brazen emails, texts and phone calls to his handlers, one of whom worked closely on the plot with Shah, the Lashkar communications chief targeted by the British.

U.S. intelligence officials disclosed to me for the first time that, after the attacks, intensified N.S.A. monitoring of Pakistan did scoop up some of Headley’s suspicious emails. But analysts did not realize he was a U.S.-based terrorist involved in the Mumbai attacks who was at work on a new plot against Denmark, officials admitted.

The sheer volume of data and his use of multiple email addresses and his original name, Daood Gilani, posed obstacles, U.S. intelligence officials said. To perfect his cover as an American businessman, Headley had legally changed his name in 2006.

“They detected a guy named ‘Gilani’ writing to bad guys in Pakistan, communicating with terror and ISI nodes,” a senior U.S. intelligence official said. “He wrote also in fluent Urdu, which drew interest. Linking ‘Gilani’ to ‘Headley’ took a long time. The N.S.A. was looking at those emails post-Mumbai. It was not clear to them who he was.”

As I’ve explained, one of the things NSA does with all its data is to “correlate” selectors, so that it maps a picture of all the Internet and telecom (and brick and mortar, where they have HUMINT) activities of a person using the multiple identities that have become common in this day and age. This is a core function of the NSA’s dragnets, and it works automatically on EO 12333 data (and worked automatically on domestically-collected phone and — probably — Internet metadata until 2009).

When you think about it, there are some easy ways of matching online identities (going to a provider, mapping some IP addresses). And even the matching of “burner” IDs can be done with 94% accuracy, at least within AT&T’s system, according to AT&T’s own claims.

The NSA says they didn’t do so here because Headley had changed his name.

Headley, recall, was a DEA informant. Which means, unless these intelligence agencies are far more incompetent than I believe they are, this information was sitting in a government file somewhere: “Daood Gilani, the name of a known Urdu-fluent informant DEA sent off to Pakistan to hang out with baddies  = David Headley.” Unless Headley adopted the new name precisely because he knew it would serve to throw the IC off his trail.

And yet … NSA claims it could not, and did not, correlate those two identities and as a result didn’t even realize Headley was involved in the Mumbai bombing even after the attack.

Notably, they claim they did not do so because of the “sheer volume of data.”

In short, according to the NSA’s now operative story (you should click through to read the flaccid apologies the IC offered up for lying about the value of Sections 215 and 702 in catching Headley), the NSA’s dragnet failed at one of its core functions because it is drowning in data.

 

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

FBI’s Preventative Role: Hygiene for Corporations, Spies for Muslims

I’m still deep in this 9/11 Follow-up Report FBI, which Jim Comey and now-retired Congressman Frank Wolf had done last year and which released the unsurprising topline conclusion that Jim Comey needs to have more power, released earlier this week.

About the only conclusion in the report that Comey disagreed with — per this Josh Gerstein report — is that it should get out of the business of Countering Violent Extremism.

Comey said he agreed with many of the report’s recommendations, but he challenged the proposal that the FBI leave counter-extremism work to other agencies.

“I respectfully disagree with the review commission,” the director said. “It should not be focused on messages about faith it should not be socially focused, but we have an expertise … I have these people who spend all day long thinking dark thoughts and doing research at Quantico, my Behavioral Analysis Unit. They have an incredibly important role to play in countering violent extremism.”

Here’s what the report had to say about FBI and CVE (note, this is a profoundly ahistorical take on the serial efforts to CVE, but that’s just one of many analytical problems with this report).

The FBI, like DHS, NCTC, and other agencies, has made an admirable effort to counter violent extremism (CVE) as mandated in the White House’s December 2011 strategy, Empowering Local Partners to Prevent Violent Extremism in the United States. In January 2012, the FBI established the Countering Violent Extremism Office (CVEO) under the National Security Branch.322 The CVEO was re-aligned in January 2013 to CTD’s Domestic Terrorism Operations Section, under the National JTTF, to better leverage the collaborative participation of the dozens of participating agencies in FBI’s CVE efforts.323 Yet, even within FBI, there is a misperception by some that CVE efforts are the same as FBI’s community outreach efforts. Many field offices remain unaware of the CVE resources available through the CVEO.324 Because the field offices have to own and integrate the CVE portfolio without the benefit of additional resources from FBI Headquarters, there is understandably inconsistent implementation. The Review Commission, through interviews and meetings, heard doubts expressed by FBI personnel and its partners regarding the FBI’s central role in the CVE program. The implementation had been inconsistent and confusing within the FBI, to outside partners, and to local communities.325 The CVEO’s current limited budget and fundamental law enforcement and intelligence responsibilities do not make it an appropriate vehicle for the social and prevention role in the CVE mission. Such initiatives are best undertaken by other government agencies. The Review Commission recommends that the primary social and prevention responsibilities for the CVE mission should be transferred from the FBI to DHS or distributed among other agencies more directly involved with community interaction.

[snip]

(U) Recommendation 6: The Review Commission recommends that the primary social and prevention responsibilities for the CVE mission should be transferred from the FBI to DHS or distributed among other agencies more directly involved with community interaction.

For what it’s worth, Muslim communities increasingly agree that the FBI — and the federal government generally — should not be in the business of CVE. But that’s largely because the government approaches it with the same view Comey does: by thinking immediately of his analysts thinking dark thoughts at Quantico. So if some agency that had credibility — if some agency had credibility — at diverting youth (of all faiths) who might otherwise get caught in an FBI sting, I could support it moving someplace else, but I’m skeptical DHS or any other existing federal agency is that agency right now.

While the Review doesn’t say explicitly in this section what it wants the FBI to be doing instead of CVE, elsewhere it emphasizes that it wants the FBI to do more racial profiling (AKA “domain awareness”) and run more informants. Thus, I think it fair to argue that the Ed Meese-led panel thinks the FBI should spy on Muslims, not reach out to them. Occupation-style federal intelligence gathering, not community based.

Which is why I think this approach to Muslim communities should be compared directly with the Review’s approach with corporations. The same report that says FBI should not be in the business of CVE — which done properly is outreach to at-risk communities — says that it should accelerate and increase its funding for its outreach to the private sector.

(U) Recommendation 5: The Review Commission recommends that the FBI enhance and accelerate its outreach to the private sector.

  • (U) The FBI should work with Congress to develop legislation that facilitates private companies’ communication and collaboration and work with the US Government in countering cyber threats.
  • (U) The FBI should play a prominent role in coordinating with the private sector, which the Review Commission believes will require a full-time position for a qualified special agent in the relevant field offices, as well as existing oversight at Headquarters.

Indeed, in a paragraph explaining why the FBI should add more private sector liaisons (and give them the same credit they’d get if they recruited corporations as narcs, only corporations shouldn’t be called “sources” because it would carry the stigma of being a narc), the Review approvingly describes the FBI liaison officers working with corporations to promote better Internet hygiene.

The Review Commission learned that the FBI liaison positions have traditionally been undervalued but that has begun to change as more experienced special agents take on the role, although this has not yet resulted in adequate numbers of assigned special agents or adequate training for those in the position. One field office noted that it had 400 cleared defense contractors (CDCs) in its AOR—ranging from large well known names to far smaller enterprises—with only one liaison officer handling hundreds of CDCs. This field office emphasized the critical need for more liaison officers to conduct outreach to these companies to promote better internet hygiene, reduce the number of breaches, and promote long-term cooperation with the FBI.319 Another field office noted, however, some sensitivity in these liaison relationships because labeling private sector contacts as sources could create a stigma. The field office argued that liaison contacts should be considered valuable and special agents should receive credit for the quality of liaison relationships the same way they do for CHSs.320

Ed Meese’s panel wants the FBI to do the digital equivalent of teaching corporations to blow their nose and wash their hands after peeing, but it doesn’t think the FBI should spend time reaching out to Muslim communities but should instead spy on them via paid informants.

Maybe there are good reasons for the panel’s disparate recommended treatment of corporations and Muslim communities. If so, the Review doesn’t explain it anywhere (though the approach is solidly in line with the Intelligence Committees’ rush to give corporations immunity to cyber share information with the federal government).

But it does seem worth noting that this panel has advocated the nanny state for one stakeholder and STASI state for another.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

What an XKeyscore Fingerprint Looks Like

As part of its cooperation with New Zealand’s best journalist on that country’s SIGINT activities, Nicky Hager, the Intercept has published a story on the targets of a particular XKeyscore query (note: these stories say the outlets obtained this document; they don’t actually say they obtained it from Edward Snowden): top officials in the Solomon Islands and an anti-corruption activist there.

Aside from the targets, which I’ll get to, the story is interesting because it shows in greater detail than we’ve seen what an XKS query looks like. It’s a fairly standard computer query, though initiated by the word “fingerprint.” Some of it is consistent with what Snowden has described fingerprints to include: all the correlated identities that might be associated with a search. The query searches on jremobatu — presumably an email unique name — and James Remobatu, for example. As I have noted, if they wanted to target all the online activities of one particularly person — say, me! — they would add on all the known identifiers, so emptywheel, @emptywheel, Marcy Wheeler, and all the cookies they knew to be associated with me.

What’s interesting, though, is this query is not seeking email or other Internet communication per se. It appears to be seeking documents, right out of a file labeled Solomon government documents. Those may have been pulled and stored as attachments on emails. But the query highlights the degree to which XKS sucks up everything, including documents.

Finally, consider the target of the query. As both articles admit, the reason behind some of the surveillance is understandable, if sustained. Australia and New Zealand had peacekeepers in the Solomons to deal with ethnic tensions there, though were withdrawing by January 2013 when the query was done. The query included related keywords.

In the late 1990s and early 2000s the islands suffered from ethnic violence known as “The Tensions.” This led to the 2003 deployment to the Solomons of New Zealand, Australian and Pacific Island police and military peacekeepers. By January 2013, the date of the target list, both New Zealand and Australia were focused on withdrawing their forces from the island country and by the end of that year they were gone.

The XKEYSCORE list shows New Zealand was carrying out surveillance of several terms associated with militant groups on the island, such as “former tension militants,” and “malaita eagle force.” But with the security situation stabilized by 2013, it is unclear why New Zealand spies appear to have continued an expansive surveillance operation across the government, even tailoring XKEYSCORE to intercept information about an anti-corruption campaigner.

More specifically, however, the query was targeting not the militants, but the Truth and Reconciliation process in the wake of the violence.

I would go further than these articles, however, and say I’m not surprised the Five Eyes spied on a Truth and Reconciliation process. I would fully expect NSA’s “customer” CIA to ask it to track the South African and Colombian Truth and Reconciliation processes, because the CIA collaborated in the suppression of the opposition in both cases (going so far as providing the intelligence behind Nelson Mandela’s arrest in the former case). While I have no reason to expect CIA was involved in the Solomons, I would expect one or more of the myriad intelligence agencies in the Five Eyes country was, particularly given the presence of Aussie and Kiwi peacekeepers there. And they would want to know how their role were being exposed as part of the Truth and Reconciliation process. This query would likely show that.

Which brings me to the point the activist in question, Benjamin Afuga (who sometimes publishes leaked documents) made: this spying, which would definitely detail all cooperation between him and the government, might also reveal his sources.

Benjamin Afuga, the anti-corruption campaigner, said he was concerned the surveillance may have exposed some of the sources of the leaks he publishes online.

“I’m an open person – just like an open book,” Afuga said. “I don’t have anything else other than what I’m doing as a whistleblower and someone who exposes corruption. I don’t really understand what they are looking for. I have nothing to hide.”

Ah, but Afuga does have things to hide: his sources. And again, if one or another Five Eyes country had intelligence operatives involved both during the tensions and in the peace keeping process, they would definitely want to know them.

Again, this is all standard spying stuff. I expect CIA (or any other HUMINT agency) would want to know if they’re being talked about and if so by whom — I even expect CIA does a more crude version of this within the US about some of its most sensitive topics, not least because of the way they went after the SSCI Torture investigators.

But this query does provide a sense of just how powerful this spying is in a world when our communications aren’t encrypted.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Minh Quang Pham Gets His Day in Supreme Court

I’ve long been tracking the case of Minh Quang Pham, whom I call the “graphic artist of mass destruction” because he is accused of helping Samir Khan on Inspire.

He was detained in the UK back in July 2011 (see the timeline). That December, the UK government tried to strip him of citizenship, but failed because that would have left him stateless (he’s originally from Vietnam but the government doesn’t treat him as a citizen). He was quickly charged here when efforts to strip him of UK citizenship failed. But since then, his citizenship case has been wending its way through the British courts.

Throughout this period, it was not officially recognized that Pham was the guy fighting for his citizenship.

Today and yesterday, his case was finally heard before UK’s Supreme Court, and his name made public. Here’s the Open Society report on his case (which also has a timeline!).

I suppose, if Pham loses, he will be sent to NY for trial. If he wins, he will force the UK to charge him there, which for a variety of reasons may get interesting. Remember: Pham should know the informant behind the UndieBomb 2.0 attack. Which may be why everyone wants to try him over here.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Under Cover: The Targets of Stings

The NYT brought in Will Arkin (partnering with Eric Lichtblau) to talk about the proliferation of the use of undercover officials in government agencies. The Supreme Court, IRS, the Smithsonian, and DOD are all playing dress up to spy on Americans (and the IRS permits agents to pretend to be lawyers, doctors, clergy, and journalists).

The article makes it clear that — as might be imagined — the drug war is the most common focus of these undercover officers.

More than half of all the work they described is in pursuit of the illicit drug trade. Money laundering, gangs and organized crime investigations make up the second-largest group of operations.

But it doesn’t really step back and look at who else is getting targeted, which I’ve tried to lay on in this stable.

Screen shot 2014-11-16 at 12.07.12 PM

There are several concerning aspects of this list. I’m hoping the Smithsonian is using under cover officers solely to police the Holocaust and similar museums; the Holocaust museum, after all, has been targeted by a right wing terrorist recently. I might see the point on the Washington Memorial. But I do hope they’re no patrolling the Air and Space Museum because they might catch people who, like I did when I was in fifth grade, use the museum as a playground for stupid pre-teen drama while on a field trip.

DOD’s expanded use of undercover officers to target Americans is very troubling. The 9th Circuit recently threw out a conviction because the Navy had initiated the case searching data in the guise of protecting Spokane’s bases. I suspect, in response, the government will just get more assiduous at laundering such investigations. And it would be highly improper for them to do so clandestinely.

That said, this table is just as telling for what it doesn’t include as what it does.

If USDA is going undercover, why not send undercover inspectors to work in food processing plants, as a great way to not only show the food safety violations, but also the labor violations? Why not go undercover to investigate CAFOs?

The big silence, however, is about bank crime. While I’m sure SEC uses some undercover officers to investigate financial crime, you don’t hear of it anymore, since the failed Goldman prosecution. And we know FBI gave up efforts to use undercover officers to investigate (penny ante) mortgage fraud crime because, well, it just forgot.

But when DOJ’s Inspector General investigated what FBI did when it was given $196 million between 2009 and 2011 to investigate (penny ante) mortgage fraud, FBI’s focus on the issue actually decreased (and DOJ lied about its results). When FBI decided to try to investigate mortgage fraud proactively by using undercover operations, like it does terrorism and drugs, its agents just couldn’t figure out how to do so (in many cases Agents were never told of the effort), so the effort was dropped.

So it’s not just that Agencies are using undercover officers to investigate every little thing, including legitimate dissent, with too little oversight.

Its also that the government, as a whole, is using this increasingly to investigate those penny ante crimes, but not the biggest criminals, like the banksters. So long as the choice of these undercover operations reflects inherent bias (and it always has, especially in the war on drugs), then the underlying structure is illegitimate.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Jim Comey Scolds the Press for Reporting on a Court Filing

Jim Comey, seemingly intent on squandering once limitless credibility in record time, has written a letter to the NYT to explain two of the FBI’s deceptive operations reported recently. The one that’s getting the attention — his admission that an agent posed as an AP reporter to catch a teenager making bomb threats — actually comes off as the less indefensible response.

Relying on an agency behavioral assessment that the anonymous suspect was a narcissist, the online undercover officer portrayed himself as an employee of The Associated Press, and asked if the suspect would be willing to review a draft article about the threats and attacks, to be sure that the anonymous suspect was portrayed fairly.

[snip]

That technique was proper and appropriate under Justice Department and F.B.I. guidelines at the time. Today, the use of such an unusual technique would probably require higher level approvals than in 2007, but it would still be lawful and, in a rare case, appropriate.

Sure, the FBI decided to dress up as the press to catch someone who hadn’t yet done real harm. Sure, they did it to deliver malware, basically a classic hack. Sure, it could have played to this kid’s narcissistic tendencies using any number of other fake identities. Sure, this was ultimately going to get made at least as public as a court docket, which does undermine the credibility of a brand name press outlet. But it was a fairly limited operation, that wouldn’t have generated this much attention if Chris Soghoian (in the process of writing a brief to prevent the FBI to hack with even fewer limits) weren’t such a meddling hippie.

Having insulted the press by asserting that the FBI playing dress up as the press is legal (though dodging somewhat on whether to do so to catch a teenager would be “proper” today), Comey then responded to the FBI’s other recent black eye — being accused of shutting off cable and then pretending to be cable repairmen to access hotel rooms without a warrant — this way.

The Las Vegas case is still in litigation, so there is little we can say, but it would have been better to wait for the government’s response and a court decision before concluding that the F.B.I. engaged in abusive conduct.

Every undercover operation involves “deception,” which has long been a critical tool in fighting crime. The F.B.I.’s use of such techniques is subject to close oversight, both internally and by the courts that review our work.

“It would have been better to wait for the government’s response and a court decision before concluding that the F.B.I. engaged in abusive conduct”???

Now, the reason the press picked up on this story is because the well-heeled defendants have superb lawyers who wrote a brief that is both engaging and chock full of evidence. The brief starts by laying out the stakes that matter for you and I, even if in this case they affect a bunch of Malaysian men who may have ties to Asian organized crime.

The next time you call for assistance because the internet service in your home is not working, the “technician” who comes to your door may actually be an undercover government agent. He will have secretly disconnected the service, knowing that you will naturally call for help and–when he shows up at your door, impersonating a technician–let him in. He will walk through each room of your home, claiming to diagnose the problem. Actually, he will be videotaping everything (and everyone) inside. He will have no reason to suspect you have broken the law, much less probable cause to obtain a search warrant. But that makes no difference, because by letting him in, you will have “consented” to an intensive search of your home.

Jim Comey thinks the press shouldn’t report on this until after the government has had its shot at rebuttal? Does he feel the same about the army of FBI leakers who pre-empt defense cases all the time? Does Comey think it improper for his FBI to have released this press release, upon defendant Wei Seng Phua’s arrest, asserting that he is a member of organized crime as a fact and mentioning a prior arrest (not a conviction) that may or may not be deemed admissible to this case?

According to the criminal complaint, Wei Seng Phua, is known by law enforcement to be a high ranking member of the 14K Triad, an Asian organized crime group. On or about June 18, 2013, Phua was arrested in Macau, along with more than 20 other individuals, for operating an illegal sport book gambling business transacting illegal bets on the World Cup Soccer Tournament. Phua posted bail in Macau and was released. 

I didn’t see the FBI Director complaining about press stories, written in response to the press release, reported before the defense had been able to present their side.

The point is, one reason we have laws governing open access to court documents — which the government limits all the time (including with claims about a broad need to hide the methods of its deception) — is so both sides get a bid to make their case, both before judges and before the public. Another reason is so that the press can act as a check on something that may be legal, but probably shouldn’t be.

It may well be that FBI gets to use the evidence from their cable repairman scheme (given that superstar appellate lawyer Tom Goldstein is on the case, the defendants probably don’t think this is as big of a slam dunk as the press has, probably because Caesars, a competitor with the Asian mob in the gambling industry, was a willing participant in the scheme, including turning off the cable service). But that’s an entirely different question from whether they should, for precisely the reason the brief lays out: because if the FBI can turn off our cable to set up a cable repairman cover, then it undermines the principle of consensual searches.

These guys may or may not be douchebag Asian mobsters. But they are also being tried in the United States, which still subjects its criminal procedure to fairly broad but by no means unlimited press scrutiny.

Which means the press gets to weigh in. The defense gets to make their case, and if they make a compelling case, the press will report it, just as they almost always report FBI press releases on face value, as they did in this case (to say nothing of FBI’s leaks).

Jim Comey, himself a master at working the press, should expect that, and if he wants his FBI to remain credible, should ensure their undercover operations are not just “legal” and “proper” but also “wise.”

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

A Good Reason to Encrypt Your iPhone: To Prevent DEA from Creating a Fake Facebook Account

At Salon yesterday, I pushed back against the Apple hysteria again. In it, I look at the numbers that suggest far more Apple handsets are searched under the border exception than using warrants.

Encrypting iPhones might have the biggest impact on law enforcement searches that don’t involve warrants, contrary to law enforcement claims this is about warranted searches. As early as 2010, Customs and Border Patrol was searching around 4,600 devices a year and seizing up to 300 using what is called a “border exception.” That is when CBP takes and searches devices from people it is questioning at the border. Just searching such devices does not even require probable cause (though seizing them requires some rationale). These searches increasingly involve smart phones like the iPhone.

These numbers suggest border searches of iPhones may be as common as warranted searches of the devices. Apple provided account content to U.S. law enforcement 155 times last year. It responded to 3,431 device requests, but the “vast majority” of those device requests involved customers seeking help with a lost or stolen phone, not law enforcement trying to get contents off a cell phone (Consumer Reports estimates that 3.1 million Americans will have their smart phones stolen this year). Given that Apple has by far the largest share of the smart phone market in the U.S., a significant number of border device searches involving a smart phone will be an iPhone. Apple’s default encryption will make it far harder for the government to do such searches without obtaining a warrant, which they often don’t have evidence to get.

Almost 20% of Americans this year will have an iPhone, and that number will be far higher among those who fly internationally. If only 20% of 5,000 border searches involve iPhones, then there are clearly more border iPhone searches than warranted ones.

Meanwhile, we have an appalling new look at what law enforcement does once it gets inside your smart phone. A woman in Albany is suing DEA because — after she permitted DEA to conduct a consensual search of her phone — DEA then took photos obtained during the search, including one of her wearing only underwear, and made a fake Facebook page for her with them. They even sent a friend request to a fugitive and accepted other friend requests. They also posted pictures of her son and niece, on a site intended to lure those involved in the drug trade.

And they consider this a legitimate law enforcement activity!

In a court filing, a U.S. attorney acknowledges that, unbeknownst to Arquiett, Sinnigen created the fake Facebook account, posed as her, posted photos, sent a friend request to a fugitive, accepted other friend requests, and used the account “for a legitimate law enforcement purpose.”

The government’s response lays out an argument justifying Sinnigen’s actions: “Defendants admit that Plaintiff did not give express permission for the use of photographs contained on her phone on an undercover Facebook page, but state the Plaintiff implicitly consented by granting access to the information stored in her cell phone and by consenting to the use of that information to aid in an ongoing criminal investigations [sic].”

To be sure, DEA and FBI would still be able to obtain consensual access to phones, as they did in this case, by threatening people with harsher charges if they don’t cooperate (which appears to be how they got her to cooperate).

But this demonstrates just how twisted is the government’s view of legitimate use of phone data. The next time you hear a top officer wail about pedophiles, you might ask whether they’re actually the one planning to post sexy pictures.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.