Hey, turns out there is actual NFL football on today. Who knew? The early game is on the NFL Network, and features the Eagles at the dysfunctional Redskins. Not long ago, the Eagles had the best record in the league, now they don’t even control their own playoff destiny. So they have to beat the Eagles today and Giants next week and hope for some help. RGIIIis back at QB for Washington, but it is hard to see the Eagles losing here. The later game is on CBS and has the Bolts at the Niners. San Diego still has some life left in them, the Niners not so much.

On Sunday, the Lions are at the Bears, and should have no issue there. Cutler has been benched in favor of Jimmy Clausen. It has gotten so bad that the Bears are talking bout offering a high draft pick along with Cutler to get another team interested enough to take Cutler. Ooof.

The Chiefs at Steelers should be a decent game, as should Colts at Cowboys and Broncos at Bengals. The supposedly marquee matchup is the Seahawks at Cardinals. The winner will almost certainly win the NFC West and may well have home field advantage for the playoffs. But I say “supposedly” because it is hard to imagine how the Cardinals are going to find enough offense to hang with the Squawks. Drew Stanton is still out and Ryan Lindley will be starting. Lindley is really a quality kid, but the Legion of Boom is probably going to light him up. Hope springs eternal here for some kind of miracle game from the Cards, but the odds of that are effectively zero.

The rest of the games just aren’t that interesting, especially considering how late in the season it is.

Welp, here we are for another Thanksgiving at the Wheelhouse. And thankful you all are hear with us. This will be a pretty abbreviated trash because there are only three games on the docket for today. First up, as always, is the traditional game from Detroit. This year the Kitties host Da Bears. We are at halftime as I write. I actually thought the Bears might have a chance at the upset, but Stafford just threw a late TD to Megatron and the Lions are up 24-14, and the Bears just don’t seem like they are clicking on either side of the ball, but especially on defense. Expect more of the same in the second half.

Next up is the Eagles at Jerryworld and the Cowboys. This has the makings of an excellent game. Both teams come in at 8-3 and seem to have withstood midseason uncertainty. My inclination is to take the ‘Boys here. But Philly can wear out defenses, and Dallas is good, but not deep. If Sanchez doesn’t make a bunch of mistakes, I think the Eagles can pull it off. The night game is another division slugfest, this time in the NFC west. Squawks at Niners. Both teams are 7-4 going in, but the loser is in some trouble for the post season. Seattle dominated Arizona in Seattle last week, but they are a different team on the road, and this game is in the Big Bluejeans Stadium. No idea who wins this, strikes me as a tossup.

We will have a special guest trasher on Saturday for the weekend’s festivities, but there are a couple of interesting college games tonight and tomorrow. Tonight is TCU at Texas. Probably will be a TCU blowout, but I would love to see the Longwhorens pull the upset. Tomorrow the action is in the Pac-12. Stanford is at UCLA. Always a tough game, and the Tree could really monkey wrench things with an upset. I don’t think so, I’ll take the Bruins.

And last, but certainly not least, is THE BIG GAME. For the Territorial Cup. Arizona State at the hated Arizona. Calling this a rivalry is wholly insufficient. The schools, and teams, loath each other with a passion. And this is the first time in many, many years that both teams enter the game so highly ranked and with big bowl aspirations in play. I highly urge you to tune into this, the game rarely disappoints. Much as I hate to say it, the game is in Tucson this year, and for that reason I give the edge to Rich Rod and the Cats. The Devils rebounded from their soul crushing road loss at Oregon State to get back on track, mostly in the second half, against Washington State last weekend. Can they keep it up and pull off a win in the Old Pueblo? We shall see!

Have a great Thanksgiving, enjoy your friends, family and food. See you in comments!

Monday is the deadline set by the P5+1 group of nations and Iran for achieving a final agreement on steps to assure the world that Iran’s nuclear program is only aimed at the civilian uses of producing electricity and providing isotopes for medical use. With that deadline rapidly approaching, those who take a more hawkish view toward Iran and wish to see no agreement are doing their best to disrupt the negotiations as they enter the home stretch to an agreement or another extension of the interim agreement, which is nearing a year under which Iran has met all of its obligations.

A primary tool used by those who prefer war with Iran over diplomacy is Yukiya Amano, the Director General of the International Atomic Energy Agency. Keeping right on schedule, Amano has interjected himself into the story on the final stage P5+1 talks (in which IAEA has no role) and one of his chief transcribers, Fredrik Dahl of Reuters, has fulfilled his usual role of providing an outlet for those wishing to disrupt a deal. Today’s emission from Amano [Note: During the time that this post was being written, Reuters changed the Fredrik Dahl piece that is being referenced. Here is an upload of the version of the story as it appeared with an 8:09 am Eastern time stamp. Usually, Reuters just sends new stories out with new url’s, but the url under which the 8:09 version loaded for me now loads a 10:09 story by different reporters discussing a likely extension of negotiations to March.]:

Iran has yet to explain suspected atomic bomb research to the U.N. nuclear agency, its head said on Thursday, just four days before a deadline for a comprehensive deal between Iran and six world powers to end the 12-year-old controversy.

After nearly a year of difficult diplomacy, Washington is pushing for agreement on at least the outline of a future accord and U.S. Secretary of State John Kerry will attend talks with Iran, France, Germany, Britain, Russia and China on Friday.

But Yukiya Amano, director general of the International Atomic Energy Agency, made clear it was far from satisfied, saying it was not in a position to provide “credible assurance” Iran had no undeclared nuclear material and activities.

It comes as no surprise that Amano would try to disrupt the talks at such a critical juncture. Recall that he replaced Nobel Peace Prize winner Mohammad elBaradei in 2009. Amano laid low for a while, but in 2011 came out swinging against Iran. By moving in such a politically motivated way, I noted at that time that Amano was doing huge damage to the credibility of the IAEA after its terrific work under elBaradei.

Amano was carefully chosen and groomed for his role at IAEA.

Wikileaks documents revealed in 2010 showed how Amano assured US “diplomats” that he would be solidly in the US camp when it came to pursuing charges against Iran’s nuclear program:

Amano reminded [the] ambassador on several occasions that he would need to make concessions to the G-77 [the developing countries group], which correctly required him to be fair-minded and independent, but that he was solidly in the U.S. court on every key strategic decision, from high-level personnel appointments to the handling of Iran’s alleged nuclear weapons program.

More candidly, Amano noted the importance of maintaining a certain “constructive ambiguity” about his plans, at least until he took over for DG ElBaradei in December.

And what of these “possible military dimensions” of Iran’s nuclear work that Amano is holding against Iran? They are based on a total fabrication known as the laptop of death. Further, IAEA is not structured or staffed in a way for it to be the appropriate vehicle for determining whether work in Iran is weapons-related. It is, however, built for monitoring and accounting for enrichment of uranium, where it has found Iran to divert no material from its declared nuclear power plant fuel cycle.

Amano is far from alone in his campaign to disrupt the talks. Recall that a couple of weeks ago, David Sanger took to the front page of the New York Times to plant the erroneous idea the Iran was nearing an agreement to outsource its enrichment of uranium to Russia. The Times never noted nor corrected the error, which, conveniently for Sanger and other opponents of a deal, could give hardliners in Iran another opening for opposing any deal.

Sanger returned to the front page of the Times on Monday to gleefully list the forces he sees arrayed against any deal with Iran. Remarkably, Sanger did at least make an offhand correction to his earlier error (but of course there still is no note or change on the original erroneous report). He only does this, though, while also describing how he thinks Russia could undermine the breakthrough in which they have played a huge role:

Perhaps the most complex political player is Russia. It has remained a key element of the negotiating team, despite its confrontations with the West over Ukraine. It has been a central player in negotiating what may prove the key to a deal: a plan for Iran to ship much of its low-enriched uranium to Russian territory for conversion into fuel for the Bushehr nuclear power plant.

But Russian officials may want an extension of the talks that keeps any real agreement in limbo — and thus keeps Iranian oil off the market, so that it cannot further depress falling prices.

So, yes, Sanger finally admits the deal would be for Russia to convert low enriched uranium to fuel rods, not to do the enrichment itself, but only while also cheering on what he sees as a path for Russia keep Iranian oil off international markets.

Missing from Sanger’s list of forces lined up against a deal with Iran are those working behind the scenes in the US intelligence and “diplomatic” communities. Those forces gave state secrets to United Against Nuclear Iran to be used in false allegations against a Greek shipping firm providing goods to Iran that were not subject to sanctions. We still don’t know what that information was nor how UANI came into its possession because the Justice Department has intervened to quash disclosure in the lawsuit resulting from the false allegations.

As we enter what is slated to be the final weekend of the negotiations, the stakes are clear. Barack Obama has gladly jumped on board with most neocon dreams of open war in many of their target nations. Iran remains a huge prize for them, but so far Obama has shown remarkable resolve in pushing for an agreement that could avert a catastrophic war that would make the current ones look only like small skirmishes. I’m hoping for the best this weekend, but I also worry about what opponents of the negotiations may have in store for their final move.

As we speak, Chuck Schumer is probably yelling into a phone trying to get President Obama to nominate Wall Street’s US Attorney Preet Bharara to succeed Eric Holder as Attorney General. “Barahck,” Schumer is probably yelling, “I can get Mitch to agree to push Preet through in the Lame Duck.”

That’s because Holder has just announced his resignation, pending confirmation of his successor.

The three most interesting details in Carrie Johnson’s scoop on Holder’s resignation are that he is likely to return to Covington and Burling, where — like former Criminal Division Chief Lanny Breuer before him — he will represent banks as they craft sweetheart deals with DOJ.

Friends and former colleagues say Holder has made no decisions about his next professional perch, but they say it would be no surprise if he returned to the law firm Covington & Burling, where he spent years representing corporate clients.

Nice to know a guy can still profit off of 6 years of overlooking rampant bank crime.

Johnson also reported that Holder plans to push through racial profiling guidelines that will protect African Americans but not Muslims.

Long-awaited racial profiling guidelines for federal agents will be released soon, too. Those guidelines will make clear that sexual orientation, ethnicity and religion are not legitimate bases for law enforcement suspicion, but controversial mapping of certain communities — including Muslim Americans — would still be allowed for national security investigations, one of the sources said.

That will soil the one real bright spot of Holder’s tenure at DOJ, his fight for civil rights.

Finally, Johnson reported that Don Verrilli — the guy who seemed to, but did not quite — lose the ObamaCare fight is the leading candidate to replace Holder.

The sources say a leading candidate for that job is Solicitor General Don Verrilli, the administration’s top representative to the Supreme Court and a lawyer whose judgment and discretion are prized in both DOJ and the White House.

By “judgement and discretion,” I wonder whether Johnson’s sources are referring to Verrilli’s stubbornness in not correcting the lies he told SCOTUS (wittingly or unwittingly) about DOJ’s implementation of FISA Amendments Act in the Amnesty v. Clapper case. By claiming, falsely, that DOJ gives defendants notice that they’ve been caught using Section 702, Verrilli successfully beat back the Justices’ concerns that no one would ever have standing to challenge these laws.

For what it’s worth, I think people are vastly overestimating the time it will take to replace Holder. After all, Republicans are on the record that they believe Holder to be contemptuous of Congress. While the House GOP that is suing him don’t actually get a vote on his replacement, surely they’ll convince their proxy Ted Cruz to represent their contempt.

Thus, for the right candidate, I suspect confirmation will happen quickly, just as Caroline Krass got confirmed in a landslide when the costs of leaving Robert Eatinger — who referred CIA’s overseers to DOJ for investigation — in place as Acting CIA General Counsel became clear.

I’m just not convinced Verrilli is that guy. And while Preet did lead the investigation into Alberto Gonzales’ politicization of the US Attorneys when he worked for Schumer, surely the GOP cares more about his diligent efforts to not investigate the banks in the interim.

Even back in 2009, when Russ Feingold made it clear that Yahoo had no access to the data it needed to aggressively challenge the Protect American Act orders it received, I realized what a tough legal fight it was to litigate blind. That has only been made more clear by the document trove released last week.

Which is why Mark Zwillinger’s comments about the trove are so interesting.

First, ZwillGen points out that the challenge to the PAA directives may not have helped Yahoo avoid complying, but it did win an important victory allowing providers to challenge surveillance orders.

[I]n this fight, the government argued that Yahoo had no standing to challenge a directive on the basis of the Fourth Amendment rights of its users. See Government’s Ex Parte Brief at pages 53-56.Although the government was forced to change its position after it lost this issue at both the FISC and the FISCR — and such standing was expressly legislated into the FAA – had the government gotten its way, surveillance orders under § 702 would have been unchallengeable by any party until the fruits of the surveillance were sought to be used against a defendant in a criminal case. That would have given the executive branch even greater discretion to conduct widespread surveillance with little potential for judicial review. Even though Yahoo lost the overall challenge, winning on the standing point was crucial, and by itself made the fight personally worthwhile.

ZwillGen next notes that the big numbers reported in the press — the $250K fines for non-compliance — actually don’t capture the full extent of the fines the government was seeking. It notes that the fines would have added up to $400 million in the second month of non-compliance (it took longer than that to obtain a final decision from the FISCR).

Simple math indicates that Yahoo was facing fines of over $25 million dollars for the 1st month of noncompliance, and fines of over $400 million in the second month if the court went along with the government’s proposal. And practically speaking, coercive civil fines means that the government would seek increased fines, with no ceiling, until Yahoo complied. 

Finally — going directly to the points Feingold made 5 years ago — Yahoo had no access to the most important materials in the case, the classified appendix showing all the procedures tied to the dragnet.

The ex parte, classified appendix was just that: a treasure trove of documents, significantly longer than the joint appendix, which Yahoo had never seen before August 22, 2014. Yahoo was denied the opportunity to see any of the documents in the classified, ex parteappendix—even in summary form. Those documents bear a look today. They include certifications underlying the § 702 directives, procedures governing communications metadata analysis, a declaration from the Director of National Intelligence, numerous minimization procedures regarding the FBI’s use of process, and, perhaps most importantly, a FISC decision from January 15, 2008regarding the procedures for the DNI/AG Certification at issue, which Yahoo had never seen. It examines those procedures under a “clearly erroneous” standard of review – which is one of the most deferential standards used by the judiciary. Yahoo did not have these documents at the time, nor the opportunity to conduct any discovery. It could not fully challenge statements the government made, such as the representation to FISCR “assur[ing the Court] it does not maintain a database of incidentally collected information from non-targeted United States persons, and there is no evidence to the contrary.” Nor could Yahoo use the January 15, 2008 decision to demonstrate how potential flaws in the targeting process translated into real world effects.

This blind litigation is, of course, still the position defense attorneys challenging FISA orders for their clients are in.

Yahoo actually made a pretty decent argument 6 years ago, pointing to incidental collection, collection of Americans’ records overseas (something curtailed, at least in name, under FISA Amendments Act), and dodgy analysis underlying the targeting decisions handed off to Yahoo. But they weren’t permitted the actual documentation they needed to make that case. Which left the government to claim — falsely — that the government was not conducting back door searches on incidentally collected data.

For years, ex parte proceedings have allowed the government to lie to courts and avoid real adversarial challenges to their spying. And not much is changing about that anytime soon.

There was a weird spate of reporting on the cyberthreat to banks last week. Normally, security firms (and occasionally really good tech journalists) report under their own name on such attacks — after all, they have businesses to run! But not the story — first reported by Bloomberg Wednesday evening — that Russia had attacked JP Morgan. At first, these reports appeared to be coming from FBI — given that the FBI investigation served as the lede of the story.

Russian hackers attacked the U.S. financial system in mid-August, infiltrating and stealing data from JPMorgan Chase & Co. (JPM) and at least one other bank, an incident the FBI is investigating as a possible retaliation for government-sponsored sanctions, according to two people familiar with the probe.

The attack resulted in the loss of gigabytes of sensitive data, said the people, who asked not to be identified because the probe is still preliminary.

But over the course of the story — and two more sources introduced with no description beyond that they had been briefed on the probe — the FBI officially gave no comment.

The sophistication of the attack and technical indicators extracted from the banks’ computers provide some evidence of a government link. Still, the trail is muddy enough that investigators are considering the possibility that it’s cyber criminals from Russia or elsewhere in Eastern Europe. Other federal agencies, including the National Security Agency, are now aiding the investigation, a third person familiar with the probe said.

[snip]

J. Peter Donald, an FBI spokesman in New York, declined to comment.

[snip]

In at least one of the attacks, the hackers grabbed sensitive data from the files of bank employees, including executives, according to a fourth person briefed on the probe, who, like the other individuals with knowledge of the matter, declined to divulge the name of victims other than JPMorgan. Some data related to customers may also have been accessed, the person said.

The NYT’s version of the story, published later on Wednesday, also cited a bunch of people described only as “briefed on the continuing investigation.”

A number of United States banks, including JPMorgan Chase and at least four others, were struck by hackers in a series of coordinated attacks this month, according to four people briefed on a continuing investigation into the crimes.

The hackers infiltrated the networks of the banks, siphoning off gigabytes of data, including checking and savings account information, in what security experts described as a sophisticated cyberattack.

The motivation and origin of the attacks are not yet clear, according to investigators. The F.B.I. is involved in the investigation, and in the past few weeks a number of security firms have been brought in to conduct forensic studies of the penetrated computer networks.

[snip]

According to two other people briefed on the matter, hackers infiltrated the computer networks of some banks and stole checking and savings account information from clients.

The NYT was able to get the FBI (as well as JP Morgan) on the record.

“Companies of our size unfortunately experience cyberattacks nearly every day,” said Patricia Wexler, a JPMorgan spokeswoman. “We have multiple layers of defense to counteract any threats and constantly monitor fraud levels.” Joshua Campbell, an F.B.I. spokesman, said the agency was working with the Secret Service to assess the full scope of attacks. “Combating cyberthreats and criminals remains a top priority for the United States government,” he said.

This article (published midday on Thursday) — which casts doubt on the seriousness of the attack — seems to suggest that JPMC leaked to the press, not the FBI.

“There are no credible threats posed to the financial services sector at this time,” [Financial Services Information Sharing and Analysis Center] said in an email to its members.

[snip]

JPMorgan had said early on Thursday that it was working with U.S. law enforcement authorities to investigate a possible cyber attack.

The bank provided little information about the suspected attack, declining to say whether it believed hackers had stolen any data or who might be responsible.

“Companies of our size unfortunately experience cyber attacks nearly every day. We have multiple layers of defense to counteract any threats and constantly monitor fraud levels,” it said in a statement.

The FBI had said late on Wednesday that it was looking into media reports on a spate of attacks on U.S. banks, raising concerns that the sector was under siege by sophisticated hackers.

Yet several cyber security experts said that they believe those concerns are overblown.

“Banks are getting attacked every single day. These comments from FS-ISAC and its members indicate that this is not a major new offensive,” said Dave Kennedy, chief executive officer of TrustedSEC LLC, whose clients include several large U.S. banks.

See this Time piece for more reasons why this is probably not the Russian hack it has been pitched as. And the WaPo — in their Wednesday report relying on “officials” — also cast doubt on the claimed motive for the attack, if it is Russia.

But even after the Reuters report casting doubt on the claims about the hack, Bloomberg continued its reporting — this time suggesting the attack began in June and ended several weeks ago, when previous report said it had started (and this time focusing on JP Morgan alone).

Hackers burrowed into the databanks of JPMorgan Chase & Co. and deftly dodged one of the world’s largest arrays of sophisticated detection systems for months.

The attack, an outline of which was provided by two people familiar with the firm’s investigation, started in June at the digital equivalent of JPMorgan’s front door, exploiting an overlooked flaw in one of the bank’s websites. From there, it quickly developed into any security team’s worst nightmare.

The hackers unleashed malicious programs that had been designed to penetrate the corporate network of JPMorgan — the largest U.S. bank, which had vowed two months before the attack began to spend a quarter-billion dollars a year on cybersecurity. With sophisticated tools, the intruders reached deep into the bank’s infrastructure, silently siphoning off gigabytes of information, including customer-account data, until mid-August.

[snip]

Evidence of advanced planning and the access to elaborate resources, as well as information provided by the FBI, led some members of the bank’s security team to tell outside consultants that they believed the hackers had been aided by the hidden hand of the Russian government, possibly as retribution for U.S.- imposed sanctions.

Bloomberg also made clear that Mike Rogers served as a source of some kind.

The Federal Bureau of Investigation and other agencies are working on the JPMorgan probe, and House Intelligence Committee Chairman Michael Rogers has been briefed on the bank attacks.

It was all very convenient, blaming Russia (even though investigators hadn’t confirmed that’s where the attack originated) for scary financial threats.

And then, after several days of all this, Bloomberg published this story, citing the gigabytes of data allegedly taken from JP Morgan, warning that we’re all going to have to bail out Jamie Dimon again.

A worst-case event that destroyed records, drained accounts and froze networks could hurt the economy on the scale of the terrorist attacks of Sept. 11, 2001. The government response, though, might be more akin to that following the 2008 credit meltdown, when the Federal Reserve invoked “unusual and exigent circumstances” to lend billions of dollars.

The government might have little choice but to step in after an attack large enough to threaten the financial system. Federal deposit insurance would apply only if a bank failed, not if hackers drained accounts. The banks would have to tap their reserves and then their private insurance, which wouldn’t be enough to cover all claims from a catastrophic event, DeMarco and other industry officials said.

[snip]

Discussions about the government’s role in cleaning up after a catastrophic cyber assault have centered on the Terrorism Risk Insurance Act, or TRIA.

[snip]

The insurance law, enacted after the 2001 attacks, authorizes the government to provide financial support for insurance companies in the wake of terrorism. It is up for renewal this year. Under TRIA, insurers cover a fixed amount of losses from terrorist attacks with the government backstopping additional costs up to $100 billion. The law gives the Treasury secretary broad latitude to invoke the backstop.

In private meetings, Treasury officials have told insurance industry lobbyists that the department would treat cyber-terror like a physical attack under TRIA, said the people involved with the talks, who spoke on condition of anonymity because the discussions were private.

There has been a whole lot of fearmongering over this attack, which insiders doubt happened as billed and/or as attributed to Russia.

But if something like it does happen — gigabytes! — you can be sure Jamie Dimon will stiff us with the bill.

I Con the Record just released some ridiculously overclassified Internet dragnet documents it claims shows oversight but which actually shows how they evaded oversight. I’ve added letters to ID each document (I’ll do a post rearranging them into a timeline tomorrow or soon thereafter).

For a timeline I did earlier of the Internet dragnet program see this post.

This will be the first of several working threads, starting with descriptions of what we’ve got.

8/12: Note I will be updating this as I can clarify dates and content.

So-called Judicial oversight

A. FISC Opinion and Order: This is the Kollar-Kotelly order that initially approved the dragnet on July 14, 2004. A searchable version is here.

B. FISC Primary Order: This is an Internet dragnet order signed by Reggie Walton, probably in 2008 or very early 2009. It shows that the Internet dragnet program, which was almost certainly illegal in any case, had less oversight than the phone dragnet program (though at this point also collected fewer records). It was turned over pursuant to FAA requirements on March 13, 2009.

C. FISC Primary Order: This is an Internet dragnet order probably from May 29, 2009 (as identified in document D), signed by Reggie Walton. It shows the beginning of his efforts to work through the Internet violations. It appears to have been provided to Congress on August 31, 2009.

D. FISC Order and Supplemental Order: This is a version of the joint June 22, 2009 order released on several occasions before. It shows Reggie Walton’s efforts to work through the Internet dragnet violations. Here’s one version.

E. FISC Supplemental Order: This appears to be the dragnet order shutting down dragnet production. It would date to fall 2009 (production was likely shut down in October 2009, though this might reflect the initial shut-down).

F. FISC Primary Order: I’m fairly sure this is an order from after Bates turned the Internet dragnet back on in 2010 (and is signed by him), though I will need to verify that. It does require reports on how the NSA will segregate previously violative records, which is consistent with it dating to 2011 sometime (as is the requirement that the data be XML tagged).

G. FISC Memorandum Opinion Granting in Part and Denying in Part Application to Reinitiate, in Expanded Form, Pen Register/Trap and Trace Authorization: This is the order, from sometime between July and October 2010, where John Bates turned back on and expanded the Internet dragnet. Here’s the earlier released version (though I think it is identical).

H. Declaration of NSA Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate, the National Security Agency: This was a report Walton required in document C, above, and so would be in the May-June 2009 timeframe. Update: Likely date June 18, 2009.

I. Government’s Response to the FISC’s Supplemental Order: This is the government’s response to an order from Walton, probably in his May 29, 2009 opinion (see this order for background), or even earlier in May.Update: This response dates to June 18, 2009 or slightly before.

J. Declaration of NSA Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate, the National Security Agency: This appears to be the declaration submitted in support of Response I and cited in several places. Update: likely date June 18, 2009.

K. Supplemental Declaration of Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate, the National Security Agency: This appears to be the declaration that led to document C above.

L. Government’s Response to the FISC’s Supplemental Order Requesting a Corrective Declaration: This is a declaration admitting dissemination outside the rules responding to 5/29 order.

M. Government’s Response to a FISC Order: This is the government’s notice that it was using automatic queries on Internet metadata, just as it also was with the phone dragnet. This notice was provided to Congress in March 2009.

N. Declaration of Lieutenant General Keith B. Alexander, U.S. Army, Director, NSA, Concerning NSA’s Compliance with a FISC Order: After Walton demanded declarations in response to the initial phone dragnet violation, he ordered NSA to tell him whether the Internet dragnet also had the same problems. This is Keith Alexander’s declaration describing the auto scan for that program too. It was provided to Congress in March 2009.

O. Preliminary Notice of Potential Compliance Incident: This is the first notice of the categorical violations that ultimately led to the temporary shutdown of the dragnet, in advance of order E.

P. Notice of Filing: This is notice of a filing in response to inquiry from Judge Walton. It could be from any time during David Kris’ 2009 to early 2011 tenure.

Q: Government’s Application for Use of Pen Register/Trap and Trace Devices for Foreign Intelligence Purposes: This appears to be the application following Order E, above. I don’t think it’s the 2010 application that led to the reauthorization of the dragnet, because it refers to facilities whereas the 2010 order authorized even broader collection. (Remember Bates’ 2010 order said the government applied, but then withdrew, an application.) Update and correction: this application must post-date December 2009, because that’s when NSA changed retention dates from 4.5 years to 5. Also note reference to change in program and request to access illegally collected data from before 10/09.

R. Memorandum of Law and Fact in Support of Application for Pen Registers and Trap and Trace Devices for Foreign Intelligence Purposes: This appears to be the memorandum of law accompanying application Q.

S. Declaration of General Keith B. Alexander, U.S. Army, Director, NSA, in Support of Pen Register/Trap and Trace Application: This is Alexander’s declaration accompanying Q.

T. Exhibit D in Support of Pen Register/Trap and Trace Application: This is a cover letter. I’m not sure whether it references prior communications or new ones.

U. First Letter in Response to FISC Questions Concerning NSA bulk Metadata Collection Using Pen Register/Trap and Trace Devices: This is the first of several letters in support of reinitiation of the program. The tone has changed dramatically here. For that reason, and because so much of it is redacted, I think this was part of the lead-up to the 2010 reauthorization.

V. Second Letter in Response to FISC Questions concerning NSA bulk Metadata Collection Using Pen Register/Trap and Trace Devices: This second letter is entirely redacted except for the sucking up to Bates stuff.

W. Third Letter in Response to FISC Questions Concerning NSA Bulk Metadata Collection Using Pen Register/Trap and Trace Devices: More sucking up. Some language about trying to keep access to the existing illegally collected data. 

X. Application for Pen Register/Trap and Trace Devices for Foreign Intelligence Purposes: This is the first application for the Internet dragnet, from 2004. Very interesting. Note it wasn’t turned over until July 2009, after Congress was already learning of the new problems with it.

Y. Memorandum of Law and Fact in Support of Application for Pen Registers and Trap and Trace Devices for Foreign Intelligence Purposes: The memorandum of law accompanying X. Also turned over to Congress in 2009.

Z. Declaration of General Michael V. Hayden, U.S Air Force, Director, NSA, in Support of Pen Register/Trap and Trace Application: This goes with the initial application. NSA has left stuff unredacted that suggests they were access less bandwith than they, in the end, were. Also remember NSA violated this from the very beginning.

AA. Application for Use of Pen Register/Trap and Trace Devices for Foreign Intelligence Purposes: This appears to be the application for the second PRTT order. I’ll return to this tomorrow, but I don’t think it reflects the violation notice it should.

BB. Declaration of NSA Chief, Special FISA Oversight and Processing, Oversight and Compliance, Signals Intelligence Directorate: This is NSA’s declaration in conjunction with the first reapplication for the dragnet. This should have declared violations. It was turned over to Congress in March 2009. [update: these appear to be early 2009 application]

CC. Declaration Lieutenant General Keith B. Alexander, U.S. Army, Director, NSA, Concerning NSA’s Implementation of Authority to Collect Certain Metadata: This is Alexander’s declaration accompanying the End-to-End report, from sometime in fall 2009.

DD: NSA’s Pen Register Trap and Trace FISA Review Report: The end-to-end report itself. it was provided to Congress in January 2010.

EE: DOJ Report to the FISC NSA’s Program to Collect Metadata: DOJ’s accompaniment to the end-to-end report.

FF: Government’s First Letter to Judge Bates to Confirm Understanding of Issues Relating to the FISC’s Authorization to Collect Metadata: After Bates raauthorized the Internet dragnet, DOJ realized they might not be on the same page as him. Not sure if this was in the 2009 attempt or the 2010 reauthorization.

GG: Government’s Second Letter to Judge Bates to Confirm Understanding of Issues Relating to the FISC’s Authorization to Collect Metadata: A follow-up to FF.

HH: Tab 1 Declaration of NSA Chief, Special Oversight and Processing, Oversight and Compliance, Signals Intelligence: This appears to be the 90-day report referenced in document C. Update: Actually it is referenced in Document A: note the paragraphs describing the chaining that were discontinued before the dragnet approval.

II: Verified Memorandum of Law in Response to FISC Supplemental Order: This is one of the most fascinating documents of all. It’s a 2009-2011 (I think August 17, 2009, though the date stamp is unclear) document pertaining to 3 PRTT targets, relying on criminal PRTT law and a 2006 memo that might be NSA’s RAS memo (though the order itself is FBI, which makes me wonder whether it seeds the FBI program). It may have been what they used to claim that Internet content counted as metadata.

JJ: Memorandum of Law in Response to FISC Order: A September 25, 2006 response to questions from the FISC, apparently regarding whether rules from criminal pen registers apply to PATRIOT PRTT. While I think this addresses the application to Internet, I also think this language may be being used for location.

So-called Congressional oversight

KK: Government’s Motion to Unseal FISC Documents in Order to Brief Congressional Intelligence and Judiciary Committees: This is a request to unseal an order — I suspect document E — so it could be briefed to Congress.

LL:  Order Granting the Government’s Motion to Unseal FISC Documents in Order to Brief Congressional Intelligence and Judiciary Committees: Walton’s order to unseal KK for briefing purposes. 

MM: April 27, 2005 Testimony of the Attorney General and Director, FBI Before the Senate Select Committee on Intelligence: This is the 2005 testimony in which — I pointed out before — Alberto Gonzales did not brief Congress about the Internet dragnet.

So-called Internal oversight

NN: NSA IG Memo Announcing its Audit of NSA’s Controls to Comply with the FISA Court’s Order Regarding Pen Register/Trap and Trace Devices: This lays out an audit with PRTT compliance, noting that the audit also pertains to BR FISA (phone dragnet). It admits the audit was shut down when the order was not renewed. It’s unclear whether this was the 2009 or the 2011 shutdown, but the implication is it got shut down because it would not pass audit. 

OO: NSA IG Memo Suspending its Audit of NSA after the NSA’s PRTT Metadata Program Expired: the formal announcement they were shutting down the IG report. Again, it’s not clear whether this was the 2009 or the 2011 shutdown.

If you find this work valuable, please consider donating to support the work.  

Back in January of last year, the sudden return to Pakistan of cleric Tahir ul Qadri, who had been in a form of exile in Canada, threatened to derail the elections that took place two months later. There were accusations at the time that he was working on behalf of the military. Qadri did not take part in the elections (and is being called out for that now), but he started agitating again last month, with his large demonstrations leading to the arrest of large numbers of his followers and a number of deaths in clashes between his followers and police.

Yesterday, it was announced that Qadri will lead a “revolution march” that begins on August 14 and is intended to turn into a siege of Islamabad. From Geo News:

Pakistan Awami Tehreek (PAT) chief, Dr. Tahirul Qadri Sunday said the ‘revolution march’ will begin on August 14.

“No one will return till the government is toppled and the system changed,” Dr. Qadri told his workers and asked them to take a pledge by raising their hands.

But it will not be just  Qadri’s Pakistan Awami Tehreek (PAT) party marching in Islamabad on the 14th. The article continues:

Addressing the PAT workers who had gathered here to observe the party’s Yaum-e-Shuhda, the PAT chief said both ‘Azadi March’ of Imran Khan and ‘revolution march’ of his party will be staged on the same day of August 14.

Dawn is now counting down the days to the march (and somehow they borrow from the NCAA basketball tournament to call this march madness), and frame the major questions the demonstrations pose:

The Pakistan Tehreek-i-Insaf’s (PTI) Azadi March and the Pakistan Awami Tehreek chief Dr Tahirul Qadri’s ‘Revolution March’ will now storm the capital together, further intensifying the stand-off with the government.

Many questions remain unanswered at this stage. Will Imran’s ‘peaceful’ rally be hijacked by Qadri’s more volatile protesters? Whose demands is the combined march really about — Qadri’s, or Imran’s?

Will speculations of a military intervention push the situation beyond the point of no return for Nawaz and co.?

Pakistan’s government continues to negotiate with the groups and refuses to release the 1500 Qadri supporters who have been jailed. Significantly, the government also has called an additional 3000 federal troops to Islamabad to shore up preparations already undertaken by the military:

Pakistan Army’s 111 Brigade, Rangers, elite force and intelligence agencies personnel have already been assigned security duties in Islamabad as PTI and PAT gears up for a march towards the capital to oust the government on August 14.

The federal government called in military to Islamabad, from August 1 by invoking Article 245, for assisting the civil authorities in maintaining law and order situation of Islamabad for three months.

Ironically, despite his government calling in the military to deal with the chaos surrounding the march, Prime Minister Nawaz Sharif is accusing former military dictator Pervez Musharraf (and by extension, Pakistan’s military) of being behind the movement:

In a speech that addressed the ongoing political crisis in the currently, the prime minister on Monday asked who is behind the calls for revolutions and marches in the country.

“I can’t help but laugh at the agendas of these long marches,” Nawaz Sharif said, indirectly referring to Pakistan Tehreek-i-Insaf (PTI) and Pakistan Awami Tehreek (PAT).

“It hurts and confuses me – who has given them these agendas?”

/snip/

The government has accused “Musharraf’s friends” of being behind the political chaos in the country, with PTI and PAT leaders Imran Khan and Tahirul Qadri calling for the prime minister to step down with a march on August 14.

In a veiled reference to former military ruler General (retired) Musharraf, he asked why those who invited the war on terror in Pakistan are not held accountable.

“Have we not learned lessons from what this country has suffered? The constitution has been uprooted, rule of law has been flouted…we suffered billion of dollars in losses [as a result of Pakistan’s involvement]. Who sowed the seeds of terrorism?” he asked.

“Who is going to hold them accountable?”

This week promises to be very revealing about the future of Pakistan’s politics. And shouldn’t someone be raising those same questions from Sharif here in the US? Have we not learned lessons from what we have suffered, as our constitution also was uprooted and rule of law flouted? Shouldn’t we hold someone accountable here?

In the last several days, two important new reports on the FBI’s creation of Muslim terrorists.

The first is an Al Jazeera English video, above, from Trevor Aaronson, who also wrote The Terror Factory. He interviews both informants and the men who entrapped them, the latter of whom describe the FBI’s method. The video includes an extended look at a Toledo informant not previously profiled.

Today Human Rights Watch released a report (I’m part way done with it). That did both statistical analysis of the terrorism cases since 9/11 and close reviews of 27 cases across the country. They did interviews with a number of detainees. They examined the use of pre-trial solitary confinement.

Both reports make a key point: by putting informants in mosques, the FBI is effectively inserting potentially dangerous criminals inside faith communities rather than imprisoning them. The HRW report notes that in some cases, those informants “trolled” for potential leads.

Some of the cases we reviewed appear to have begun as virtual fishing expeditions, where the FBI had no basis to suspect a particular individual of a propensity to
commit terrorist acts. In those cases, the informant identified a specific target by
randomly initiating conversations near a mosque. Assigned to raise controversial
religious and political topics, these informants probed their targets’ opinions on
politically sensitive and nuanced subjects, sometimes making comments that
appeared designed to inflame the targets. If a target’s opinions were deemed
sufficiently troubling, officials concerned with nascent radicalization pushed the
sting operation forward.

HRW’s primary recommendation is more controls on the use of informants. In particular it describes how FBI sometimes uses an effort for spiritual advice to push a (usually young) target towards violence.

Both reports provide valuable new details on how the FBI makes terrorists. We’re getting closer to mapping how all these systems fit together.

Back in February, I noted Ron Wyden’s question for then acting OLC head Caroline Krass (she’s now CIA’s General Counsel) about Jack Goldsmith’s 2004 OLC opinion authorizing the dragnet.

In the follow-up questions for CIA General Counsel nominee Caroline Krass, Ron Wyden asked a series of his signature loaded questions. With it, he pointed to the existence of still-active OLC advice — Jack Goldsmith’s May 6, 2004 memo on Bush’s illegal wiretap program — supporting the conduct of a phone (but not Internet) dragnet based solely on Presidential authorization.

He started by asking “Did any of the redacted portions of the May 2004 OLC opinion address bulk telephony metadata collection?

Krass largely dodged the question — but did say that “it would be appropriate for the May 6, 2004 OLC opinion to be reviewed to determine whether additional portions of the opinion can be declassified.”

In other words, the answer is (it always is when Wyden asks these questions) “yes.”

This is obvious in any case, because Goldsmith discusses shutting down the Internet dragnet program, and spends lots of time discussing locating suspects.

Wyden then asked if the opinion relied on something besides FISA to conduct the dragnet.

[D]id the OLC rely at that time on a statutory basis other than the Foreign Intelligence Surveillance Act for the authority to conduct bulk telephony metadata collection?

Krass dodged by noting the declassification had not happened so she couldn’t answer.

But the 2009 Draft NSA IG Report makes it clear the answer is yes: NSA collected such data, both before and after the 2004 hospital showdown, based solely on Presidential authorization (though on occasion DOJ would send letters to the telecoms to reassure them both the metadata and content collection was legal).

Finally, Wyden asks the kicker: “Has the OLC taken any action to withdraw this opinion?”

Krass makes it clear the memo is still active, but assures us it’s not being used.

This is an exchange Center for National Security Studies Kate Martin brings back into the discussion of whether USA Freedumber actually ends bulk collection.

[W]e don’t know whether the Justice Department has opined that other statutory authorities – not now addressed in the USA Freedom Act – could authorize the NSA’s bulk collection.  Without this knowledge, we can’t be certain whether the proposed amendments to section 501 (215) will in fact be sufficient to prohibit the NSA from engaging in bulk collection of metadata using some other hitherto unidentified authority.

This is not a fanciful concern.  There is in fact a still partly secret OLC opinion by the Justice Department that may address precisely this question.

CNSS is using the debate over USA Freedumber to demand the Administration declassify the rest of that opinion.

When the government declassified the statements submitted in the Jewel v. NSA case last December, it basically declassified everything that should be in that memo. So what’s the holdup on releasing the memo itself?