President Obama just issued an Executive Order that directs Department of Treasury to impose sanctions on people who engage in “significant malicious cyber-enabled activities.” The move has been reported as a means to use the same kind of sanctions against significant hackers as we currently used against terrorists, proliferators, drug cartels, and other organized crime.
Regardless of whether you think this will do any good to combat hacking, I have several concerns about this.
First, at one level, the EO targets those who “harm, or otherwise significantly compromis[e] the provision of services by, a computer or network of computers that support one or more entities in a critical infrastructure sector.” But remember, our definition of critical infrastructure is absurdly broad, including things like a Commercial Facilities sector that includes things like motion picture studios — which is how Sony Pictures came to be regarded as critical infrastructure — and even things like campgrounds.
And it’s actually not just critical infrastructure. It also targets people who “caus[e] a significant disruption to the availability of a computer” and those who “caus[e] a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.” I can envision how this EO might be ripe for abuse.
But it gets worse. The EO targets not just the hackers themselves, but also those who benefit from or materially support hacks. The targeting of those who are “responsible for or complicit in … the receipt or use for commercial or competitive advantage … by a commercial entity, outside the United States of trade secrets misappropriated through cyber-enabled means, … where the misappropriation of such trade secrets is reasonably likely to result in, or has materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States” could be used to target journalism abroad. Does WikiLeaks’ publication of secret Trans-Pacific Partnership negotiations qualify? Does Guardian’s publication of contractors’ involvement in NSA hacking?
And the EO creates a “material support” category similar to the one that, in the terrorism context, has been ripe for abuse. Its targets include those who have “provided … material, or technological support for, or goods or services in support of” such significant hacks. Does that include encryption providers? Does it include other privacy protections?
Finally, I’m generally concerned about this EO because of the way National Emergencies have served as the justification for a lot of secret spying decisions. Just about every application to the FISC for some crazy interpretation of surveillance laws in the name of counterterrorism founds their justification neither in the September 17, 2001 Finding authorizing covert actions against al Qaeda nor the September 18, 2001 AUMF, but instead in President Bush’s declaration of a National Emergency on September 14, 2001. I’m not sure precisely why, but that’s what the Executive has long used to convince FISC that it should rubber stamp expansive interpretations of surveillance law. So I assume this declaration could be too.
In other words, the sanctions regime may well be the least of this EO.
The FOIA for records on FBI’s surveillance of WikiLeaks supporters substantially ended yesterday (barring an appeal) when Judge Barbara Rothstein ruled against EPIC. While she did order National Security Division to do a more thorough search for records, she basically said the agencies had properly withheld records under Exemption 7(A) for its “multi-subject investigation into the unauthorized disclosure of classified information published on WikiLeaks, which is ‘still active and ongoing’ and remains in the investigative stage.” (Note, the claim that the investigation is still in what FBI calls an investigative stage, which I don’t doubt, is nevertheless dated, as the most recent secret declarations in this case appear to have been submitted on April 25, 2014, though Rothstein may not have read them until after she approved such ex parte submissions on July 29 of last year.)
In so ruling, Rothstein has dodged a key earlier issue, which is that all three entities EPIC FOIAed (DOJ’s Criminal and National Security Division and FBI) invoked a statutory Exemption 3 from FOIA, but refused to explain what statute they were using.
2 Defendants also rely on Exemptions 1, 3, 5, 6, 7(C), 7(D), 7(E), and 7(F). The Court, finding that Exemption 7(A) applies, does not discuss whether these alternative exemptions may apply.
I have argued — and still strongly suspect — that the government was relying, in part, on Section 215 of PATRIOT, as laid out in this post.
In addition to the Exemption 3 issue Rothstein dodged, though, there were three other issues that were of interest in this case.
First, we’ve learned in the 4 years since EPIC filed this FOIA that their request falls in the cracks of the language the government uses about its own surveillance (which it calls intelligence, not surveillance). EPIC asked for:
As I’ve pointed out in the past, if the FBI obtained datasets rather than lists of the people who supported WikiLeaks from Facebook, Google, Visa, MasterCard, and PayPal, FBI would be expected to deny it had lists of such supporters, as it has done. We’ve since learned about the extent to which it does collect datasets when carrying out intelligence investigations.
Then there’s our heightened understanding of the words “target” and “surveillance” which are central to request 1. The US doesn’t target a lot of Americans, but it does collect on them. And when it does so — even if it makes queries that return their identifiers — it doesn’t consider that “surveillance.” That is, the FBI would only admit to having responsive data to request 1 if it were obtaining FISA or Title III warrants against mere supporters of WikiLeaks, rather than — say — reading their email to Julian Assange, whom FBI surely has targeted and still targets under Section 702 and other surveillance authorities, or even, as I guarantee you has happened, looked up people after the fact and discovered they had previous conversations with Assange. We’ve even learned that NSA collects vast amounts of Internet communications that talk “about” a targeted person’s selector, meaning that Americans’ communications might be pulled if they used WikiLeaks or Assange’s Internet identifiers in the body of their emails or chats. None of that would count as “targeted” “surveillance,” but it is presumably among the kinds of things EPIC had in mind when it tried to learn how FBI’s investigation of WikiLeakas was implicating completely innocent supporters.
I noted the way FBI’s declaration skirted both these issues some years ago, and everything we’ve learned since only raises the likelihood that FBI is playing a narrow word game to claim that it doesn’t have any responsive records, but out of an act of generosity it nevertheless considered the volumes of FBI records that are related to the request that it nevertheless has declared 7(A) over. Rothstein’s order replicates the use of the word “targeting” to discuss FBI’s search, suggesting the distinction is as important as I suspect.
Plaintiff first argues that the release of records concerning individuals who are simply supporting WikiLeaks could not interfere with any pending or reasonably anticipated enforcement proceeding since their activity is legal and protected by the First Amendment. Pl.’s Cross-Mot. at 14. This argument is again premised on Plaintiff’s speculation that the Government’s investigation is targeting innocent WikiLeaks supporters, and, for the reasons previously discussed, the Court finds it lacks merit.
All of which brings me to the remaining interesting subtext of this ruling.
Five years after the investigation into WikiLeaks must have started in earnest, 20 months after Chelsea Manning was found guilty for leaking the bulk of the documents in question, and over 10 months since Rothstein’s most recent update on the “investigation” in question, Rothstein is convinced these records may adequately be withheld because there is an active investigation.
While it’s possible DOJ is newly considering charges related to other activities of WikiLeaks — perhaps charges relating to WikiLeaks’ assistance to Edward Snowden in escaping from Hong Kong, though like Manning’s verdict, that was over 20 months ago — it’s also very likely the better part of whatever ongoing investigation into WikiLeaks is ongoing is an intelligence investigation, not a criminal one. (See this post for my analysis of the language they used last year to describe the investigation.)
Rothstein is explicit that DOJ still has — or had, way back when she read fresh declarations in the case — a criminal investigation, not just an intelligence investigation (which might suggest Assange’s asylum in the Ecuador Embassy in London is holding up something criminal).
In stark contrast to the CREW panel, this Court is persuaded that there is an ongoing criminal investigation. Unlike the vague characterization of the investigation in CREW, Defendants have provided sufficient specificity as to the status of the investigation, and sufficient explanation as to why the investigation is of long-term duration. See e.g., Hardy 4th Decl. ¶¶ 7, 8; Bradley 2d Decl. ¶ 12; 2d Cunningham Decl. ¶ 8.
Yet much of her language (which, with one exception, relies on the earliest declarations submitted in this litigation) sounds like that reflecting intelligence techniques as much as criminal tactics.
Here, the FBI and CRM have determined that the release of information on the techniques and procedures employed in their WikiLeaks investigation would allow targets of the investigation to evade law enforcement, and have filed detailed affidavits in support thereof. Hardy 1st Decl. ¶ 25; Cunningham 1st Decl. ¶ 11. As Plaintiff notes, certain court documents related to the Twitter litigation have been made public and describe the agencies’ investigative techniques against specific individuals. To the extent that Plaintiff seeks those already-made public documents, the Court is persuaded that their release will not interfere with a law enforcement proceeding and orders that Defendants turn those documents over.
In the instant case, releasing all of the records with investigatory techniques similar to that involved in the Twitter litigation may, for instance, reveal information regarding the scope of this ongoing multi-subject investigation. This is precisely the type of information that Exemption 7(A) protects and why this Court must defer to the agencies’ expertise.
I’m left with the impression that FBI has reams of documents responsive to what EPIC was presumably interested in — how innocent people have had their privacy compromised because they support a publisher the US doesn’t like — but that they’re using a variety of tired dodges to hide those documents.
Thanks to Chelsea Manning, we know that almost exactly five years ago, the US Ambassador to Saudi Arabia James Smith met with the then Assistant Minister for Defense Khalid bin Sultan about a disastrous Saudi air attack on a Houthi hospital on the Yemeni-Saudi border that killed a thousand people, many civilians. Prince Khalid used the American scolding not only to redouble his requests for US satellite assistance targeting Houthis — with more accuracy, Khalid suggested, the Saudis might kill fewer civilians — but also to ask for Predator drones.
IF WE HAD THE PREDATOR, THIS MIGHT NOT HAVE HAPPENED
¶3. (S/NF) Upon seeing the photograph, Prince Khalid remarked, “This looks familiar,” and added, “if we had the Predator, maybe we would not have this problem.” He noted that Saudi Air Force operations were necessarily being conducted without the desired degree of precision, and recalled that a clinic had been struck, based on information received from Yemen that it was being used as an operational base by the Houthis. Prince Khalid explained the Saudi approach to its fight with the Houthis, emphasizing that the Saudis had to hit the Houthis very hard in order to “bring them to their knees” and compel them to come to terms with the Yemeni government. “However,” he said, “we tried very hard not to hit civilian targets.” The Saudis had 130 deaths and the Yemenis lost as many as one thousand. “Obviously,” Prince Khaled observed, “some civilians died, though we wish that this did not happen.”
The attack on the hospital and the Saudi request for more war toys all took place amid assurances that the strikes on the Houthis would “bring them to their knees” which would in turn lead to a lasting ceasefire, which would free up Saudi attention to go after al Qaeda, the ostensible purpose for US intelligence cooperation in the first place.
In the interim five years, a few key developments have happened. Back in 2011, after JSOC couldn’t seem to get clean intelligence on Anwar al-Awlaki, the US built a drone base on the Saudi border that magically managed to find and kill the cleric within months.
More recently, Houthis have brought their fight to Sanaa and beyond, overthrowing the US and Gulf Cooperation Council selected President Abdo Rabi Mansour Hadi. In the wake of what the government has deemed (unlike Egypt) a coup, the US and most western governments have withdrawn embassy personnel, an action that will have little effect on their security but significant effect on the legitimacy of the Houthi-run government.
And now, just in time, the State Department has rolled out a framework under which the US will sell drones to our allies.
But don’t worry! State has included a bunch of rules that cover precisely the same concerns Ambassador Smith voiced 5 years ago in the face of evidence the Saudis were targeting civilians in an effort to “bring them to their knees.”
As the most active user of military UAS, and as an increasing number of nations are acquiring and employing UASs to support a range of missions, the United States has an interest in ensuring that these systems are used lawfully and responsibly. Accordingly, under the new UAS export policy, the United States will require recipients of U.S.-origin military UAS to agree to the following principles guiding proper use before the United States will authorize any sales or transfers of military UASs:
- Recipients are to use these systems in accordance with international law, including international humanitarian law and international human rights law, as applicable;
- Armed and other advanced UAS are to be used in operations involving the use of force only when there is a lawful basis for use of force under international law, such as national self-defense;
- Recipients are not to use military UAS to conduct unlawful surveillance or use unlawful force against their domestic populations; and
- As appropriate, recipients shall provide UAS operators technical and doctrinal training on the use of these systems to reduce the risk of unintended injury or damage.
Compare those guidelines with the assessment Ambassador Smith conducted 5 years ago to clear the Saudis for increased sharing of satellite data.
¶2. (S/NF) Ambassador Smith delivered points in reftel to Prince Khaled on February 6, 2010. The Ambassador highlighted USG concerns about providing Saudi Arabia with satellite imagery of the Yemen border area absent greater certainty that Saudi Arabia was and would remain fully in compliance with the laws of armed conflict during the conduct of military operations, particularly regarding attacks on civilian targets. The Ambassador noted the USG’s specific concern about an apparent Saudi air strike on a building that the U.S. believed to be a Yemeni medical clinic. The Ambassador showed Prince Khaled a satellite image of the bomb-damaged building in question.
¶6. (S/NF) Prince Khaled, in addressing the Ambassador’s concerns about possible targeting of civilian sites appeared neither defensive nor evasive. He was unequivocal in his assurance that Saudi military operations had been and would continue to be conducted with priority to avoiding civilian casualties. The Ambassador found this assurance credible, all the more so in light of Prince Khaled’s acknowledgment that mistakes likely happened during the strikes against Houthi targets, of the inability of the Saudi Air Force to operate with adequate precision, and the unreliability of Yemeni targeting recommendations. Based on these assurances, the Ambassador has approved, as authorized in reftel, the provision of USG imagery of the Yemeni border area to the Saudi Government. While the fighting with the Houthis appears to be drawing to a close, the imagery will be of continuing value to the Saudi military to monitor and prevent Houthi incursions across the border as well as enhancing Saudi capabilities against Al-Qaeda activities in this area.
Call me crazy, but given Prince Khalid’s determination to bring the Houthis to their knees, I’m unimpressed with Ambassador’s Smith assessment that the Saudis were adequately protecting civilians (indeed, some of our most catastrophic strikes in Yemen appear to have relied on Saudi intelligence).
Nothing has changed in the interim 5 years — beyond even more tolerance for Saudi repression amid the rise of an Islamic State for which KSA has been an ideological fount.
I assume the Saudis will be among the first that get approved for a set of drones. Hell, they’ve surely got practice in using them at the Saudi drone base, and they already have their base from which to target the Houthis.
The question is whether that will do anything for Yemen, or even for US interests.
Aside from the drone manufacturers, of course.
The other day, Marc Lynch wrote a piece posing these questions about the ISIS advance in Iraq.
The more interesting questions are about Iraq itself. Why are these cities falling virtually without a fight? Why are so many Iraqi Sunnis seemingly pleased to welcome the takeover from the Iraqi government by a truly extremist group with which they have a long, violent history? Why are Iraqi Sunni political factions and armed groups, which previously fought against al-Qaeda in Iraq, now seemingly cooperating with ISIS? Why is the Iraqi military dissolving rather than fighting to hold its territory? How can the United States help the Iraqi government fight ISIS without simply enabling Prime Minister Nouri al-Maliki’s authoritarianism and sectarianism?
The most important answers lie inside Iraqi politics. Maliki lost Sunni Iraq through his sectarian and authoritarian policies. His repeated refusal over long years to strike an urgently needed political accord with the Sunni minority, his construction of corrupt, ineffective and sectarian state institutions, and his heavy-handed military repression in those areas are thekey factors in the long-developing disintegration of Iraq.
President Obama alluded similarly to Maliki’s failures in the comments he just made (will update when the transcript becomes available).
One challenge the US is facing as it tries to prevent the complete disintegration of the Middle East is that Nuri al-Maliki, long our (forced) partner in governing Iraq, has chosen the path of corruption and repression. Maliki largely enabled the assault in Iraq.
On February 28, 2013, Chelsea Manning made a statement before her providence inquiry. As part of that, she explained why she leaked details of the abusive crackdowns by the Iraqi Federal Police.
On 27 February 2010, a report was received from a subordinate battalion. The report described an event in which the FP detained fifteen (15) individuals for printing “anti-Iraqi literature.” By 2 March 2010, I received instructions from an S3 section officer in the 2-10BCT Tactical Operations Center to investigate the matter, and figure out who these “bad guys” were, and how significant this event was for the FP.
Over the course of my research, I found that none of the individuals had previous ties with anti-Iraqi actions or suspected terrorist or militia groups. A few hours later, I received several photos from the scene from the subordinate battalion.
I printed a blown up copy of the high-resolution photo, and laminated it for ease of storage and transfer. I then walked to the TOC and delivered the laminated copy to our category 2 interpreter. She reviewed the information and about a half-hour later delivered a rough written transcript in English to the S2 section.
I read the transcript, and followed up with her, asking for her take on its contents. She said it was easy for her to transcribe verbatim since I blew up the photograph and laminated it. She said the general nature of the document was benign. The documentation, as I assessed as well, was merely a scholarly critique of the then-current Iraqi Prime Minister, Nouri al-Maliki. It detailed corruption within the cabinet of al-Maliki’s government, and the financial impact of this corruption on the Iraqi people.
After discovering this discrepancy between FP’s report, and the interpreter’s transcript, I forwarded this discovery, in person to the TO OIC and Battle NCOIC.
The TOC OIC and, the overhearing Battlecaptain, informed me they didn’t need or want to know this information any more. They told me to “drop it” and to just assist them and the FP in finding out where more of these print shops creating “anti-Iraqi literature” might be. I couldn’t believe what I heard, (24-25)
Manning, we’ve been told over and over again, was not a whistleblower. Because, I guess, Maliki’s corruption and repression were not a problem in 2010?
Yesterday, The Register published what it claims is the story that led GCHQ to destroy the Guardian’s hard drives: the location of a key GCHQ base in the Middle East and its relationships with British Telecom and Vodaphone.
The secret British spy base is part of a programme codenamed “CIRCUIT” and also referred to as Overseas Processing Centre 1 (OPC-1). It is located at Seeb, on the northern coast of Oman, where it taps in to various undersea cables passing through the Strait of Hormuz into the Persian/Arabian Gulf. Seeb is one of a three site GCHQ network in Oman, at locations codenamed “TIMPANI”, “GUITAR” and “CLARINET”. TIMPANI, near the Strait of Hormuz, can monitor Iraqi communications. CLARINET, in the south of Oman, is strategically close to Yemen.
British national telco BT, referred to within GCHQ and the American NSA under the ultra-classified codename “REMEDY”, and Vodafone Cable (which owns the former Cable & Wireless company, aka “GERONTIC”) are the two top earners of secret GCHQ payments running into tens of millions of pounds annually.
The Brits would have you believe — and I have no reason to doubt them — that this cable landing in Oman is one of the key points in their surveillance infrastructure.
I raise this because of a cable listing the globe’s critical infrastructure — and fearmongering surrounding it — that Chelsea Manning leaked to Wikileaks. As I noted at the time, while the cable lists a slew of cable landings as critical infrastructure sites — including the Hibernia Atlantic undersea cable landing in Dublin, which gets mentioned in the Register story — it does not list a single cable landing site in the Middle East.
Bab al-Mendeb: Shipping lane is a critical supply chain node
‘Ayn Sukhnah-SuMEd Receiving Import Terminal
‘Sidi Kurayr-SuMed Offloading Export Terminal
Strait of Hormuz
Khark (Kharg) Island Sea Island Export Terminal
Khark Island T-Jetty
Al-Basrah Oil Terminal
Rafael Ordnance Systems Division, Haifa, Israel: Critical to Sensor Fused Weapons (SFW), Wind Corrected Munitions Dispensers (WCMD), Tail Kits, and batteries
Mina’ al Ahmadi Export Terminal
Strait of Gibraltar
Maghreb-Europe (GME) gas pipeline, Morocco
Strait of Hormuz
Ras Laffan Industrial Center: By 2012 Qatar will be the largest source of imported LNG to U.S.
Abqaiq Processing Center: Largest crude oil processing and stabilization plant in the world
Al Ju’aymah Export Terminal: Part of the Ras Tanura complex
As Saffaniyah Processing Center
Qatif Pipeline Junction
Ras at Tanaqib Processing Center
Ras Tanura Export Terminal
Shaybah Central Gas-oil Separation Plant
Trans-Med Gas Pipeline
United Arab Emirates (UAE):
Das Island Export Terminal
Jabal Zannah Export Terminal
Strait of Hormuz
Bab al-Mendeb: Shipping lane is a critical supply chain node
Note, Bahamas’ telecom, which recent reporting has also noted is critical to NSA’s spying, also gets no mention.
That’s not surprising in the least. The cable (and the list) is classified Secret. NSA and GCHQ’s prime collection points are (as the Register notes) classified several levels above Top Secret.
And while the list provided some indication of what sites were significant by their absence, it’s likely that the sites that were listed were the relatively unimportant sites.
At trial, Manning’s lawyers repeatedly point out that she had chosen not to leak stuff from JWICS, which would be classified at a higher level. The stuff she leaked, which she got on SIPRNET, was by definition less sensitive stuff.
I don’t mean to suggest this reflects on the relative value of what either Edward Snowden or Chelsea Manning leaked. I think it is a good indication, though, of how unfounded a lot of the fear mongering surrounding this particular leaked cable was.
The report, as anticipated, doesn’t appear to talk about actual damage DOD has suffered. Instead, it appears to talk about the damage that might happen if the information that has been “compromised” (that is, accessed by Snowden’s scraper) actually gets released.
But we can’t really tell because the report is heavily redacted (the screen shot here and the top of the first page is the most intact section of the report).
A congressional staffer who is familiar with the report’s findings said that the lawmakers chose to make some of its contents public in order to counter what they see as a false impression of Snowden as a principled whistleblower who disclosed abuses of power.
“Snowden has been made out by some people to be a hero. What we need to do is really look at the effect of his leaks and see that what he’s done is really harm our country and put citizens at risk. The purpose [of releasing some findings] is to clear the record and show that he’s not a hero,” the staffer told Foreign Policy.
The staffer said that the administration approved the information that the lawmakers disclosed in advance.
Which makes the timing of this even weirder. It took the Administration no more than 23 days to provide the report to Mike Rogers and Dutch Ruppersberger and then approve the language they went on to blab.
But it has taken DOD around 4 months — and a lawsuit — for Leopold to get what little he got.
And, as he mentions in his story, he hasn’t even gotten the information that must be among the information okayed for blabbing
Here’s the information (italicized) that must have been okayed for blabbing.
A Pentagon review has concluded that the disclosure of classified documents taken by former NSA contractor Edward Snowden could “gravely impact” America’s national security and risk the lives of U.S. military personnel, and that leaks to journalists have already revealed sources and methods of intelligence operations to America’s adversaries. At least, that’s how two members of Congress who have read the classified report are characterizing its findings. But the lawmakers — who are working in coordination with the Obama administration and are trying to counter the narrative that Snowden is a heroic whistleblower — offered no specific examples to substantiate their claims.
In harsh language that all but accused Snowden of treason, the top members of the House Intelligence Committee said the report shows that Snowden downloaded “1.7 million intelligence files,” which they described as “the single largest theft of secrets in the history of the United States.”
While the phrase “will have a GRAVE impact on U.S. national defense” [caps original] is unredacted in the report, neither the number — 1.7 million intelligence files” — nor the superlative claim — “the single largest theft of secrets in the history of the US” — appears unredacted in Leopold’s version of the report.
That is, either Rogers and Ruppersberger made that shit up. Or the Obama Administration is selectively declassifying again.
And taking their sweet time to do so.
It said it still must withhold all documents responsive to EPIC’s FOIA because two investigations pertaining to WikiLeaks are ongoing: Chelsea Manning’s appeal, and the investigation into WikiLeaks proper.
There are at least two separate categories of “enforcement proceedings” relevant to defendants’ Exemption 7(A) analysis, and those two separate categories of law enforcement proceedings are progressing on different tracks. One set consists of those enforcement proceedings directly related to the military prosecution of Army Pfc. Manning, which falls within the jurisdiction of the Department of Defense (“DoD”). Since this case was originally briefed, Manning was tried and convicted by a military court, as noted above. The court-martial remains ongoing, in the appellate phase.
The second type of enforcement proceeding, generally, is the DOJ’s civilian criminal/national security investigation(s) into the unauthorized disclosure of classified information that was published on the WikiLeaks website. The investigation of the unauthorized disclosure is a multi-subject investigation and is still active and ongoing. While there have been developments in the investigation over the last year, the investigation generally remains at the investigative stage. It is this second category of enforcement proceeding that is actually more central to defendants’ Exemption 7(A) withholdings in this case.
Note, DOJ says the investigation is “multi-subject.” Further, it describes it as an “civilian criminal/national security” investigation.
It’s worth noting that the sealed declaration providing more detail on the investigation comes from Mark Bradley, in DOJ’s National Security Division, not from FBI. (I take my observation that the sealed declaration is from Bradley back: the motion is inconsistent on whom the sealed declaration is from. While the table on page 4 lists Bradley, it says the declaration is from FBI. The reference to a fourth declaration from David Hardy on page 9 suggests the declaration is from him.)
I’ll have a bit more to say about this later.
Update: One more observation: the description says there are “at least two” separate categories, suggesting there may be still another investigative matter.
As I noted in this post, the declaration submitted in EFF’s FOIA for Section 215 by ODNI’s Jennifer Hudson is remarkably revealing. I’m particularly intrigued by these comments about the financial dragnet order released on March 28.
A FISC Supplemental Order in BR 10-82, dated November 23, 2010 and consisting of two pages, has been withheld in part to protect certain classified and law enforcement sensitive information. The case underlying BR 10-82 is an FBI counterterrorism investigation of a specific target. That investigation is still pending. Here, in the course of a pending counterterrorism investigation, the FBI sought authorization under the FISA to obtain financial records, under the FISA’s business records provision, pertaining to the target of the investigation and in fact obtained such authorization.
Here, in the course of a pending counterterrorism investigation, the FBI sought authorization under the FISA to obtain certain financial records. The FISC Supplemental Order, which was issued in relation to its authorization for such collection, was thus compiled for law enforcement purposes, in furtherance of a national security investigation within the FBI’s authorized law enforcement duties.
Here, the FBI has determined that the release of the final paragraph of the order, which describes certain requirements reflecting the FBI’s particular implementation of the authority granted by the FISC, could reasonably be expected to adversely impact the pending investigation and any resulting prosecutions. Release of this paragraph would reveal the specific and unique implementation requirements imposed on the FBI under this FISA-authorized collection during a particular time period. It is unclear what and how much the target might already know about the FBI’s investigation. However, as more fully explained in my classified ex parte, in camera declaration, there is reason to believe that the target or others knowledgeable about the nature and timing of the investigation could piece together this information, the docket number, the dates of the collection, and other information which has already been released or deduced to assemble a picture that would reveal to the target that the target was the subject of a particular type of intelligence collection during a specific time period, and by extension, that the target’s associates during that period may have been subject to similar intelligence collections. This could lead the target to deduce the scope, focus, and direction of the FBI’s investigative efforts, and potentially any gaps in the collections, from which the target could deduce times when the target’s activities were “safe.” [my emphasis]
The bolded section says that certain people — the target, but also “others knowledgeable about the nature and timing of the investigation” — could put the financial dragnet request together with other information released or deduced to figure out that the target and his associates had had their financial data collected.
Gosh, that’s like waving a flag at anyone who might be “knowledgeable about the nature of the investigation.”
What counterterrorism investigation has generated sufficient attention such that not only the target, but outsiders, would recognize this order pertains the investigation in question? The investigation would be:
The CIA & etc. Money Order Orders
One obvious possibility is the generalized CIA investigation into Western Union and international money transfers reported by WSJ and NYT last year. While both stories said the CIA got these orders, I suggested it likely that FBI submitted the orders and disseminated the information as broadly as FBI’s information sharing rules allowed, not least because CIA has no analytical advantage on such orders, as NSA would have for the phone dragnet.
There are two reasons this is unlikely. First, there’s the timing. The WSJ version of the story, at least, suggested this had been going on some time, before 2010. If that’s the case, then there’s no reason to believe a new order in 2010 reviewed this issue. And while I don’t think the 2010 order necessarily indicates the first financial 215 order (after all, it took 2.5 years before FISC weighed the equivalent question in the phone dragnet), it is unlikely that this order comes from an existing program.
That’s true, too, because this seems to be tied to a specific investigation, rather than the enterprise counterterrorism investigation that underlies the phone dragnet (and presumably the CIA program). So while this practice generated enough attention to be the investigation, I doubt it is.
The Scary Car Broker Plot
Then there’s what I call the Scary Car Broker Plot, which I wrote about here. Basically, it’s a giant investigation into drug trafficking from Colombia through Western Africa that contributes some money to Hezbollah and therefore has been treated as a terror terror terror investigation when in reality it is a drug investigation. Treasury named Ayman Joumaa, the ultimate target of that investigation, a Specially Designated Trafficker in February 2011, so presumably the investigation was very active in November 2010, when FISC issued the order. The case’s domestic component involves the car broker businesses of a slew of (probably completely innocent) Lebanese-Americans, who did business with the larger network via wire transfers.
The Car Buyers also received wire transfers for the purpose of buying and shipping used cars from other account holders at the Lebanese Banks (“Additional Transferors”), including the OFAC-designated Phenicia Shipping (Offshore); Ali Salhab and Yasmin Shipping & Trading; Fadi Star and its owners, Mohammad Hammoud and Fadi Hammoudi Fakih for General Trade, Khodor Fakih, and Ali Fakih; and Youssef Nehme.
Perhaps most interesting, the government got at these businessmen by suing them, rather than charging them, which raised significant Fifth Amendment Issues. So between that tactic and Joumaa’s rather celebrated status, I believe this is a possible case. And the timing — from 2007 until 2011, when Joumaa got listed — would certainly make sense.
All that said, this aspect of the investigation was made public in the suit naming the car brokers, so FBI would be hard-pressed to claim that providing more details would compromise the investigation.
HSBC’s Material Support for Terrorism
Then there’s a very enticing possibility: that this is an investigation into HSBC for its material support for terrorism, in the form of providing cash dollars to the al Rajhi bank which went on to support terrorist attacks (including 9/11).
HSBC’s wrist slap for money laundering is one of the most noted legal atrocities in recent memory, but most people focus on the bank’s role laundering money for drug cartels. Yet as I’ve always emphasized, HSBC also played a key role in providing money to al Qaeda-related terrorists.
As the Permanent Subcommittee on Investigations’ report made clear, HSBC’s material support for terror continued until 2010.
After the 9-11 terrorist attack in 2001, evidence began to emerge that Al Rajhi Bank and some of its owners had links to financing organizations associated with terrorism, including evidence that the bank’s key founder was an early financial benefactor of al Qaeda. In 2005, HSBC announced internally that its affiliates should sever ties with Al Rajhi Bank, but then reversed itself four months later, leaving the decision up to each affiliate. HSBC Middle East, among other HSBC affiliates, continued to do business with the bank.
Due to terrorist financing concerns, HBUS closed the correspondent banking and banknotes accounts it had provided to Al Rajhi Bank. For nearly two years, HBUS Compliance personnel resisted pressure from HSBC personnel in the Middle East and United States to resume business ties with Al Rajhi Bank. In December 2006, however, after Al Rajhi Bank threatened to pull all of its business from HSBC unless it regained access to HBUS’ U.S. banknotes program, HBUS agreed to resume supplying Al Rajhi Bank with shipments of U.S. dollars. Despite ongoing troubling information, HBUS provided nearly $1 billion in U.S. dollars to Al Rajhi Bank until 2010, when HSBC decided, on a global basis, to exit the U.S. banknotes business. HBUS also supplied U.S. dollars to two other banks, Islami Bank Bangladesh Ltd. and Social Islami Bank, despite evidence of links to terrorist financing. Each of these specific cases shows how a global bank can pressure its U.S. affiliate to provide banks in countries at high risk of terrorist financing with access to U.S. dollars and the U.S. financial system. [my emphasis]
Now, the timing may match up here, and I’d really love for a bankster to be busted for supporting terrorism. Plus, an ongoing investigation into this part of HSBC’s crimes might explain why Lanny Breuer said nothing about it when he announced the settlement with HSBC. But I doubt this is the investigation. That’s because former Treasury Undersecretary for Terrorism and Financial Intelligence Stuart Levey moved to HSBC after this point in time, in large part in a thus-far futile attempt to try to clean up the bank. And I can’t imagine a lawyer could ethically take on this role while (presumably) knowing about such seizures. Moreover, as the PSI report made clear, there are abundant other ways to get at the kind of data at issue in the HSBC investigation without Section 215 orders.
Who am I kidding? This DOJ won’t ever really investigate a bank!
WikiLeaks the Aider of Al Qaeda
I realize these three possibilities do not exhaust the list of sufficiently significant and sufficiently old terrorism investigations that might be the target named in the order. So I’m happy to hear other possibilities.
But there is one other investigation that is a near perfect fit for almost all the description provided by Hudson: WikiLeaks.
As I’ve reported, EPIC sued to enforce a FOIA for records the FBI has on investigations into WikiLeaks supporters. The FOIA asked for and FBI did not deny having, among other things, financial records.
All records of any agency communications with financial services companies including, but not limited to Visa, MasterCard, and PayPal, regarding lists of individuals who have demonstrated, through monetary donations or other means, support or interest in WikiLeaks.
In addition to withholding information that they apparently have because of an ongoing investigation (though the Judge has required the government to confirm it is still ongoing by April 25), the government also claimed exemption under a statute that they bizarrely refused to name. I speculated four months before Edward Snowden’s leaks that that statute was Section 215.
And the timing on this investigation is a perfect fit. On November 3, 2010, Joint Terrorism Task Force Officer Darin Louck seized David House’s computer as he came across the border from Mexico. While House refused to give the government his encryption passwords, the seizure makes it clear FBI was targeting WikiLeaks supporters. Then, according Alexa O’Brien, on November 21, 2010, a report on the upcoming Cablegate release was included in President Obama’s Daily Brief. The government spent the weeks leading up to the first releases in Cablegate on November 28, 2010 scrambling to understand what might be in them. On December 4, PayPal started refusing donations to WikiLeaks. And on December 6, Eric Holder stated publicly he had authorized extraordinary investigative measures “just last week.”
Nor would he say whether the actions involved search warrants, requests under the Foreign Intelligence Surveillance Act, which authorizes wiretaps or other means, describing them only as “significant.”
“I authorized just last week a number of things to be done so that we can, hopefully, get to the bottom of this and hold people accountable as they should be,” he said.
December 6 was a Monday and technically Tuesday, November 23 would have been 2 weeks earlier, just 2 days before Thanksgiving. But a Section 215 order doesn’t require AG approval, and indeed, dragnet orders often generate leads for more intrusive kinds of surveillance.
Moreover, according to Hudson’s declaration, this order did precisely what EPIC’s FOIA seems to confirm FBI did, investigate not just Julian Assange, but also his associates (also known as supporters), including WikiLeaks donors.
The only thing — and it is a significant thing — that would suggest this guess is wrong is Hudson’s description of this as a “counterterrorism” investigation and not a “counterespionage” investigation (which is how Holder was discussing it in December 2010).
But that doesn’t necessarily rule WikiLeaks out. As noted above, already by early November 2010, the FBI had JTTF agents involved in the investigation. And central to the government’s failed claim that Chelsea Manning had aided the enemy was that she had made the Afghan war logs available knowing (from the DIA report she accessed) that the government worried about al Qaeda accessing such things, and that some Afghan war logs were found at Osama bin Laden’s compound. So the government clearly has treated its WikiLeaks investigation as a counterterrorism investigation.
Moreover, all Hudson’s declaration claims is that the government currently considers this a counterterrorism investigation. Section 215 can be used for counterintelligence investigations (as I’ve noted over and over). Since the Osama bin Laden raid revealed al Qaeda had accessed cables, the government has maintained that it does involve al Qaeda. So it may be that Hudson’s reference to the investigation as a counterterrorism investigation only refers to its current status, and not the status used to obtain the order in 2010.
That said, Hudson also provided a classified version of her statement to Judge Yvonne Gonzales Rogers, and I can’t imagine she’d try to pitch the WikiLeaks case as a counterterrorism one if a judge actually got to check her work. But you never know!
It’s likely that I’m forgetting a very obviously publicly known counterterrorism investigation.
But I think it possible that either the Scary Car Broker plot or WikiLeaks is the target named in the order.
Back in 2011, the Electronic Privacy Information Center sued to enforce a FOIA for documents on FBI’s investigation of WikiLeaks supporters. In response, the government cited an ongoing investigation exemption. But they also cited a statutory exemption, claiming some law prevented them from releasing the records on investigations into WikiLeaks supporters. Unusually, DOJ refused to name the law in question. For that reason, and because my suspicions of how Section 215 gets used suggested it would make a spectacular tool for investigating a group of WikiLeaks supporters, I suggested that the statute was likely Section 215.
Since then, we’ve seen indications of NSA involvement in the investigation into WikiLeaks, though without any details from before EPIC’s FOIA.
And until March 11, that’s where things stood, with the government claiming it couldn’t release records about its investigation into completely innocent supporters of a publishing outlet and the judge (who had been newly assigned to the case in April 2013) doing nothing with the government’s motion for summary judgement.
On March 11, however, Judge Barbara Jacobs Rothstein ordered DOJ and EPIC to submit briefs updating her on the status of the investigation into WikiLeaks and with it the government’s ongoing investigation exemption, but not its claimed statutory exemption.
The Court takes judicial notice that events have transpired during that time that may cause the government’s position to to have changed. Therefore, the Court instructs the government to update its position regarding Plaintiff’s FOIA request, particularly with respect to the government’s invocation of exemption 7(A).
The language of her order suggests two things. First, if Rothstein is asking whether the 7(A) ongoing investigation exemption remains active, it suggests she’s may not accept the government’s statutory exemption 3 to completely withhold these documents. And she doesn’t say what the “events” that “have transpired” are, but it’s probably not any developments in the WikiLeaks investigation, as that’s what she says she doesn’t know. That makes it likely the Snowden leaks and related official disclosures have made the exemption 3, the basis for which she knows about from classified declarations, moot.
That’s all tea leaf reading. And even if I’ve read the tea leaves correctly, it doesn’t mean I’m right about Section 215. After all, back door searches on collection targeted at Julian Assange (who, as a foreign citizen and alleged spy, would be a legal target under Section 702 or even generally) would be a useful investigation into WikiLeaks supporters as well, though there’s abundant reason to believe dragnet queries serve as the basis for back door searches. Still, I think it’s likely that something that has been released and declassified since last April has mooted the government’s secret statutory claims.
The government, having sat on Judge Rothstein’s April 11 deadline from March 11 until Tuesday, is now stalling for time. (h/t JG; links to come shortly) On Tuesday, the lawyer who inherited this case claimed she has another case that prevents her from writing 10 pages on the status of the WikiLeaks investigation. But also that she needs more time to consult with the “defendant agencies.”
In addition, the draft supplemental brief will require review within the Department of Justice and defendant agencies before it may be filed.
EPIC’s not buying it, citing from the judge’s previous orders warning against extensions and stating clearly that business in other matters is not a good excuse. EPIC also described DOJ’s sleazy post-business hours effort to provide notice. and noted this is precisely the kind of thing Judge Rothstein had said would get a motion summarily denied.
Ms. Zeidner Marcus also did not timely notify Plaintiff’s counsel of her plans to file this Motion for Extension of Time. Ms. Zeidner Marcus first contacted Ms. McCall on April 8, 2014, the date that the filing was due, after ordinary business hours. Ms. Zeidner Marcus first emailed Ms. McCall on April 8, 2014 at 5:01 PM and followed up at approximately 5:30 PM that day with a telephone call. This did not give Ms. McCall sufficient time to consider Ms. Zeidner Marcus’ request or to consult with Ms. McCall’s co-counsel ,Mr. Rotenberg, regarding that request. Ms. Zeidner Marcus then filed her Motion for Extension of Time at 11:23 PM on the same day (April 8, 2014).
To which DOJ responded by accusing EPIC of filing an “improper” FOIA.
This case involves plaintiff’s attempts to improperly use the Freedom of Information Act to seek information about ongoing criminal investigations.
Remember, the underlying issue here is that DOJ shouldn’t be investigating innocent supporters of a publishing outlet. But DOJ believes trying to learn how and why they are doing so is an improper FOIA.
Meanwhile, DOJ sources admitted last November that they can’t really charge Assange without charging the NYT as well.
Justice officials said they looked hard at Assange but realized that they have what they described as a “New York Times problem.” If the Justice Department indicted Assange, it would also have to prosecute the New York Times and other news organizations and writers who published classified material, including The Washington Post and Britain’s Guardian newspaper, according to the officials, who spoke on the condition of anonymity to discuss internal deliberations.
Which, I guess, explains the rudeness and urgent need for one more month. Because if the government loses both its ongoing investigation and its statutory exemptions, they might have to explain why they used national security tools against people exercising free speech.
Update: The Judge gave the government half the extension they requested, to April 25.
In light of the fact that the motion was not timely filed and that press of business is not an adequate reason for an extension, the Court will not grant the request for a thirty day extension. Instead, the Court will grant an extension to and including April 25, 2014. Plaintiff’s opposition shall be filed on or before May 12, 2014. The reply shall be file on or before May 19, 2014. In the future, the Court expects the parties to comply with the terms of the Standing Order in this case.
In accepting the Sam Adams prize, Chelsea Manning raised the ACLU/NYT lawsuits for the OLC memo authorizing the killing of Anwar al-Awlaki. (h/t Kevin Gosztola)
In doing so, she borrows an argument about separation of power and secrecy Judge Colleen McMahon made in her opinion on the FOIA.
As they gathered to draft a Constitution for their newly liberated country, the Founders – fresh from a war of independence from the rule of a King they styled a tyrant- were fearful of concentrating power in the hands of any single person or institution, and most particularly in the executive. That concern was described by James Madison in Federalist No. 47 (1788):
The accumulation of all powers, legislative, executive, and judiciary, in the same hands, whether of one, a few, or many, and whether hereditary, selfappointed, or elective, may justly be pronounced the very definition of tyranny ….
The magistrate in whom the whole executive power resides cannot of himself … administer justice in person, though he has the appointment of those who do administer it.
The Framers — who were themselves susceptible to being hanged as traitors by the King of England during the Revolutionary War — were as leery of accusations of treason as they were of concentrating power in the hands of a single person or institution. As a result, the Constitution accords special protections to those accused of the most heinous of capital crimes; Article 3, Sec. 3 sets the procedural safeguard that, “No Person shall be convicted of treason unless on the Testimony of two Witnesses to the same overt Act, or on Confession in open Court.”
Interestingly, the Treason Clause appears in the Article of the Constitution concerning the Judiciary — not in Article 2, which defines the powers of the Executive Branch. This suggests that the Founders contemplated that traitors would be dealt with by the courts of law, not by unilateral action of the Executive. As no less a constitutional authority than Justice Antonin Scalia noted, in his dissenting opinion in Hamdi, 542 U.S. at 554, “Where the Government accuses a citizen of waging war against it, our constitutional tradition has been to prosecute him in federal court for treason or some other crime.”
The founders of America – fresh from a war of independence from King George lll – were particularly fearful of concentrating power. James Madison wrote that “the accumulation of all powers, legislative, executive, and judiciary, in the same hands, whether of one, a few, or many, and whether hereditary, self-appointed, or elective, may justly be pronounced the very definition of tyranny.”(1)
When drafting Article III of the American Constitution, the founders were rather leery of accusations of treason, and accorded special protections for those accused of such a capital offense, providing that “[n]o person shall be convicted of Treason unless on the Testimony of two Witnesses to the same overt Act, or on Confession in open Court.”
For those of you familiar with the American Constitution, you may notice that this provision is under the Article concerning the Judiciary, Article III, and not the Legislative or Executive Articles, I and II respectively. And, historically, when the American government accuses an American of such crimes, it has prosecuted them in a federal criminal court.
After having repeated McMahon’s lesson on the checks our Founders gave Article III courts over the President, Manning described how frustrated McMahon was in not being able to release the OLC memo to ACLU and NYT.
In a recent Freedom of Information Act case(2) – a seemingly Orwellian “newspeak” name for a statute that actually exempts categories of documents from release to the public – a federal district court judge ruled against the New York Times and the American Civil Liberties Union. The Times and the ACLU argued that documents regarding the practice of “targeted killing” of American citizens, such as the radical Sunni cleric Anwar Nasser al-Aulaqi were in the public’s interest and were being withheld improperly.
The government first refused to acknowledge the existence of the documents, but later argued that their release could harm national security and were therefore exempt from disclosure. The court, however, felt constrained by the law and “conclud[ed] that the Government [had] not violated the FOIA by refusing to turn over the documents sought in the FOIA requests, and [could not] be compelled . . . to explain in detail the reasons why [the Government’s] actions do not violate the Constitution and laws of the United States.”
However, the judge also wrote candidly about her frustration with her sense that the request “implicate[d] serious issues about the limits on the power of the Executive Branch under the Constitution and laws of the United States,” and that the Presidential “Administration ha[d] engaged in public discussion of the legality of targeted killing, even of [American] citizens, but in cryptic and imprecise ways.” In other words, it wasn’t that she didn’t think that the public didn’t have a right to know – it was that she didn’t feel that she had the “legal” authority to compel disclosure.
Against that background, Manning notes that she was charged with treasonable offense, and wonders whether under the Awlaki precedent she could have been drone killed, just like Awlaki.
I was accused by the Executive branch, and particularly the Department of Defense, of aiding the enemy – a treasonable offense covered under Article III of the Constitution.
Granted, I received due process. I received charges, was arraigned before a military judge for trial, and eventually acquitted. But, the al-Aulaqi case raises a fundamental question: did the American government, and particularly the same President and Department, have the power to unilaterally determine my guilt of such an offense, and execute me at the will of the pilot of an Unmanned Aerial Vehicle?
She then compares (I think, though the timing on this is perhaps understandably murky) the release of both the OLC memo and follow-up speeches — and its revelation of the powers claimed by the President — with her own releases.
Until documents held by the U.S. Department of Justice’s Office of Legal Counsel were released after significant political pressure in mid-2013, I could not tell you. And, very likely, I do not believe I could speak intelligently of the Administration’s policy on “targeted killing” today either.
There is a problem with this level of secrecy, obfuscation, and classification or protective marking, in that they supposedly protect citizens of their nation; yet, it also breeds a unilateralism that the founders feared, and deliberately tried to prevent when drafting the American Constitution. Now, we have a “disposition matrix,” classified military commissions, and foreign intelligence and surveillance courts – modern Star Chamber equivalents.
I am now accepting this award, through my friend, former school peer, and former small business partner, Aaron, for the release of a video and documents that “sparked a worldwide dialogue about the importance of government accountability for human rights abuses,” it is becoming increasingly clear to me that the dangers of withholding documents, legal interpretations, and court jurisprudence from the public that pertain to the right to “life, liberty, and property” of a state’s citizens is as fundamental and important to protecting against such human rights abuses.
Of course, we still don’t know what happened to Anwar al-Awlaki; the White Paper leaves many of the key details obscure. Even as the government prepares to execute another of its citizens.
But in comparing her own releases with the government’s refusal to reveal precisely how they decided to execute an American with no due process, Manning points to where this has already gone.
And she makes a compelling case that the government’s claims of secrecy cannot be trusted.