The French, who have a long history with Syria, offered a somewhat more developed explanation for why they’re so sure that Bashar al-Assad should be held responsible for the August 21 attack even while someone in his Ministry of Defense appears to have been panicked and confused about the attack. (Note: Alan Grayson asked for this intercept to be declassified in today’s hearing, but Chuck Hagel seemed unenthused about that idea.)

Last Wednesday, in the hours after a horrific chemical attack east of Damascus, an official at the Syrian Ministry of Defense exchanged panicked phone calls with a leader of a chemical weapons unit, demanding answers for a nerve agent strike that killed more than 1,000 people.

In their case for war they talked about how tightly controlled Assad’s Chemical Weapons are.

The Syrian chemical programme is centred around the Center of Scientific Studies and Research (CSSR), in charge among others of producing chemical warfare agents. Its Branch 450 is in charge of the filling of chemical ammunitions, as well as the security of chemical sites and stockpiles. Formed exclusively with Alawi officers, this unit is known for its high loyalty to the regime.

Bachar al Assad and some of the most influential members of his clan are the only ones empowered to order the use of chemical weapons. The order is then forwarded to the commanding officers within the competent branches of the CSSR. In parallel, the armed forces HQs receive the order, decide of targeting and of the choice of weapons and toxic agents to use.

While not definitive, it is a slightly more developed version of the argument that the US made.

Syrian President Bashar al-Asad is the ultimate decision maker for the chemical weapons program and members of the program are carefully vetted to ensure security and loyalty. The Syrian Scientific Studies and Research Center (SSRC) – which is subordinate to the Syrian Ministry of Defense – manages Syria’s chemical weapons program.

Nevertheless, in the face of some questions about what the men in the CW unit were doing, both governments have offered simply an argument about how reliable the CW staffers are in this unit.

But that comes amidst what John Kerry claims is a big wave of defections. The most notable is that of General Habib Ali, Assad’s former Minister of Defense and like him an Alawite.

“Ali Habib has managed to escape from the grip of the regime and he is now in Turkey, but this does not mean that he has joined the opposition. I was told this by a Western diplomatic official,” Kamal al-Labwani said from Paris.

Syrian state television denied Habib had left Syria and said he was still at his home. Turkey’s foreign minister, Ahmet Davutoglu, said he could not at the moment confirm Habib had defected.

A Gulf source told Reuters that Habib had defected on Tuesday evening, arriving at the Turkish frontier before midnight with two or three other people. He was then taken across the border in a convoy of vehicles.

His companions were fellow military officers who supported his defection, the source said. They were believed to have also left Syria but there was no immediate confirmation of that.

Labwani said Habib was smuggled out of Syria with the help of a Western country.

“He will be a top source of information. Habib has had a long military career. He has been effectively under house arrest since he defied Assad and opposed killing protesters,” Labwani said.

An officer in the opposition Free Syrian Army, who did not want to be identified, said the Habib appeared to have coordinated his defection with the United States.

There are, admittedly, some questions about this defection.

But Kerry referenced this during today’s hearing (though admitted that the Syrians claim the defection didn’t happen) and also said there were 60 to 100 other defections going on right now.

That would match another large group of defections from Assad’s side.

I’ve been saying this for a while: the rebels and Americans aren’t hiding that they’ve got assets loyal to the rebel side throughout Assad’s regime, with significant numbers at least purportedly defecting with US help.

They may be boasting falsely. But both things are unlikely to be true at once. Either the US and rebels have chipped away at the loyalty of even some of those closest to Assad — including even some Alawites of the type that might have custody of the CW — or these defections are just bluster.

But given the large number of defections (even assuming these claims may not be reliable), it does require more than just a theoretical explanation of how Assad’s CW chain of command is supposed to work.

This post consists of two things. First, a comparison of the 2009 notice and the 2011 one on the PATRIOT Act dragnet programs (as well as the one paragraph from the White Paper that largely replicates their compliance language).

Then, it includes the items noted on this Vaughn Index submitted in the ACLU suit for Section 215 information, along with other relevant known dates.

I’m working on some related posts, but needed to post this to refer back to.

---

Differences between 2009 and 2011 Notices

2011 PDF 3-4: As I noted, the 2011 letter provides proof that this letter was provided to SSCI as well as HPSCI. Thus, it has two sets of 2-page letters, which makes for the difference in length between the two notices.

2009 PDF 3; 2011 PDF 5: The 2009 notice doesn’t even reveal which two PATRIOT provisions support the dragnet programs. By contrast, the first two bullet points in the 2011 notice (which are unclassified) name the statutes. This results in slightly different language in the 2nd 2009 bullet and the 3rd 2011 one.

2009 PDF 3; 2011 PDF 5: The 2009 notice appears to describe some of the compliance issues right in the “Key Point” section, in the redacted passage in bullet 5. Thus, where the 2009 notice says “substantial progress has been made in addressing those problems,” the 2011 says “the Executive Branch has worked to resolve them.”

2011 PDF 5: Note the 2009 notice doesn’t have the derivative classification information, which would have prevented Congress from seeing that this description dates to January 8, 2007.

2009 PDF 4; 2011 PDF 6: In the last bullet, the 2011 bullet mentions the telecom providers in the US. The 2009 redaction is longer than the 2011 one, and would still be longer even if they redacted the “in the United States” language.

2009 PDF 5: The second redaction on the page doesn’t exist in the 2011 notice, where that bullet ends after “Fourth Amendment.”

2009 PDF 5: The third redaction on the page is perhaps 4 lines longer than the 2011 redaction, and would be longer even if the “only a tiny fraction of such records are ever viewed by NSA intelligence analysts” were redacted.

2009 PDF 6: In 2009, the Internet data had to be purged after 4.5 years. In 2011, both programs retained data for 5 years.

2009 PDF 6; 2011 PDF 8: By far the most significant differences between the notices come (not surprisingly) in the Compliance Issues section. The first two sentences are largely similar, though the 2011 one dates the compliance issues to 2009. There is a redacted passage where this language appears in the 2009 one:

The problems generally involved the implementation of highly sophisticated technology in a complex and every-changing communications environment which, in some instances, resulted in the automated tools operating in a manner that was not completely consistent with the specific terms of the Court’s orders.

That said, the redaction in the 2011 notice is almost exactly the same size at this passage, so the language may be exactly or largely the same. This sentence appears in the 2011 notice but not in the 2009 one.

The FISA Court placed several restrictions on aspects of the business records collection program until the compliance processes were improved to its satisfaction.

The 9-line redaction in the 2011 notice doesn’t appear in the 2009 one. Whereas the 2011 starts a new bullet with the sentence beginning, “The incidents, and the Court’s responses,” the 2009 has that sentence where the redaction appears in the 2011 notice.

Here’s the White Paper version of this compliance statement:

Since the telephony metadata collection program under Section 215 was initiated, there have been a number of significant compliance and implementation issues that were discovered as a result of DOJ and ODNI reviews and internal NSA oversight. In accordance with the Court’s rules, upon discovery, these violations were reported to the FISC, which ordered appropriate remedial action. The incidents, and the Court’s responses, were also reported to the Intelligence and Judiciary Committees in great detail. These problems generally involved human error or highly sophisticated technology issues related to NSA’s compliance with particular aspects of the Court’s orders. The FISC has on occasion been critical of the Executive Branch’s compliance problems as well as the Government’s court filings. However, the NSA and DOJ have corrected the problems identified to the Court, and the Court has continued to authorize the program with appropriate remedial measures.

The first sentence is a more generalized introduction to compliance issues (and unlike the two notice letters, is limited to the telephony metadata). Note that it doesn’t date all the compliance issues to 2009, which suggests there have probably been new compliance issues since. It also adds ODNI as one entity that helped discover the problems. The next two sentences are basically the same as appear in the notices. The statement of what the problems were are slightly different, and modified with “generally,” which suggests human error and technical issues may not cover everything. The statement about how cranky the court got is totally new; if there have been big issues since 2009, it may suggest the court got crankier this time around.

Now compare this language:

2009:

The court has imposed additional safeguards. In response to compliance problems, the Director of NSA also ordered “end-to-end” reviews of the Section 215 and pen-trap collection programs, and created a new position, the Director of Compliance, to help ensure the integrity of future collection. In early September of 2009, the Director of NSA made a presentation to the FISA Court about the steps taken to address the compliance issues.

2011:

The court has imposed safeguards that, together with greater efforts by the Executive Branch, have resulted in significant and effective changes in the compliance program.

PDF 9 2011: Paragraph 1 adds the word “assess” to the sentence, “NSA needs access to telephony and e-mail transactional information in bulk so that it can quickly identify and assess the network of contacts that a targeted number or address is connected to, whenever there is RAS that the number or address is associated with [redaction]” In addition, the redaction in the sentence may be just slightly longer.

PDF 7 2009; PDF 9 2011: The second paragraph in the 2011 notice addres this phrase:

but always based on links to a number or e-mail address which itself is associated with a counterterrorism target.

The 2009 notice treats the “Communications metadata” language as a parenthetical statement; the 2011 starts that sentence with “Again.”

---

Vaughn Index and Related Dates Timeline

April 28, 2006: Report to Congress regarding implementation of Section 215 authority [released in part]

May 2, 2006: Mueller testimony before SJC

June 2006: Semiannual Report

July 17, 2006: Internal Executive Branch report regarding implementation of Section 215 authority

August 17, 2006: Guidelines for government personnel pertaining to implementation of Section 215 authority

September 5, 2006: Submission to FISC of standard minimization procedures regarding implementation of Section 215 authority

December 2006: Semiannual Report

December 15, 2006: Internal Executive Branch report regarding implementation of Section 215 authority

January 8, 2007: Note to Congressional staffer regarding implementation of Section 215 authority; Guidelines for government personnel pertaining to implementation of Section 215 authority; Training materials for government personnel pertaining to implementation of various acquisition authorities, including Section 215 (5 versions of dramatically different lengths)

January 25, 2007: Congressional notification regarding implementation of Section 215 authority

March 9, 2007: Internal Executive Branch email message and attached document regarding implementation of Section 215 authority

April 27, 2007: Report to Congress regarding implementation of Section 215 authority

May 2007: Guidelines for government personnel pertaining to Section 215 authority

June 2007: Semiannual report

August 30, 2007: Internal Executive Branch email message about Congressional inquiry for the record regarding implementation of Section 215 authority

November 13, 2007: Production to Congressional Committee of FISC orders, submissions, and supporting materials regarding implementation of Section 215 authority

December 2007: Semiannual report

December 2007: Guidelines for government personnel pertaining to implementation of Section 215 authority

February 25, 2008: Letter from member of Congress to AG Holder [sic] regarding implementation of Section 215

April 2008: Guidelines for government personnel pertaining to implementation of Section 215 authority

June 2008: Semiannual report

April 25, 2008: Order to Yahoo to compel compliance with FAA order

April 30, 2008: REport to Congress regarding implementation of section 215 authority

June 6, 2008: Internal memo addressed to NSD/OI officials including Matthew Olsen in anticipation of filing to FISC

August 29, 2008: Guidelines for government personnel pertaining to implementation of Section 215 authority; Internal Executive Branch memorandum regarding implementation of Section 215 authority

September 28, 2008 AG Guidelines for Domestic FBI Operations

October 3, 2008: Production to Congressional Committees including FISC submissions and a FISC opinion

December 2008: Semiannual report

December 1, 2008: Production to Congress of FISC opinions and underlying documents on multiple matters, including implementation of Section 215 authority

February 17, 2009: Semiannual report

February 25, 2009: Congressional notification regarding implementation of certain acquisition authorities, including Section 215 authority

March 5, 2009: Submission to Congressional Committees from AAG for Legislative Affairs [cover released]

March 26, 2009: Guidelines for government personnel pertaining to Section 215 authority

March 31, 2009: Dianne Feinstein and Kit Bond request recommendations so they can get started on PATRIOT reauthorization.

April 10, 2009: Congressional notification regarding implementation of Section 215 authority; Guidelines for government personnel pertaining to implementation of Section 215

April 15, 2009: Risen and Lichtblau report new compliance issues with wiretap program

[filed in 2009]: Report to Congress regarding implementation of Section 215 authority [released in part]

May 6, 2009: Response to February 25, 2008 letter to AG on Section 215

May 7, 2009: Congressional notification regarding implementation of Section 215 authority

June 25, 2009: Report regarding implementation of Section 215 authority

June 29, 2009: Congressional notification regarding implementation of certain acquisition authorities, including Section 215 authority

July 2, 2009: Transmittal letter to FISC enclosing copy of report dated June 25, 2009

July 20, 2009: Training materials for government personnel pertaining to implementation of Section 215 authority

September 1, 2009: Briefing materials for FISC

September 3, 2009: Submission to Congressional Committees regarding various matters, including implementation of Section 215 authority. [Cover released]

September 10, 2009: Notification to a Congressional Committee regarding implementation of Section 215 authority

September 14, 2009: DOJ provides recommendations Feinstein and Bond asked for in March; also provides to Pat Leahy (claiming only that SSCI members aware of secret pograms)

September 18, 2009: Briefing materials for FISC regarding implementation of Section 215 authority

October 2009: Briefing materials for FISC

October 19, 2009: FBI General Counsel Valerie Caproni briefs Senate Judiciary Committee members in closed session, and SJC and Senate Intelligence Committee staffers on PATRIOT’s expiring provisions

October 21, 2009: Statement for the record before a Congressional Committee closed hearing on PATRIOT Reauthorization

November 18, 2009: Briefing materials for government personnel pertaining to implementation of Section 215 authority

December 1, 2009: Semiannual report; December 28 & 29, 2009: Semiannual reports for entire year on physical and electronic FISA

December 17, 2009: Ronald Weich letter to Congress

February 23, 24, 2010: Feinstein and Reyes notify members of Weich letter

[filed in 4/2010]: Report to Congress on implementation of Section 215 authority [released in part]

April 8, 2010: DOJ answers questions for the record posed to Robert Mueller, including on Section 215 authority, posed September

[filed June 2010]: Semiannual report

June 15, 2010: Unnamed FBI briefers brief Senate and House Intelligence staffers on efforts to fix ECPA in closed session; this was pertinent to the Section 215 FOIA because briefers explained why the FBI wasn’t using Section 215 rather than ECPA

August 16, 2010: Production to Congress of FISC opinions and underlying documents on multiple matters, including implementation of Section 215 [cover released]

November 2010: Guidelines for government personnel pertaining to implementation of Section 215 authority

December 2010: Semiannual report

December 1, 2010: Memo to Congressional staffer regarding certain acquisition authorities, including Section 215

February 2, 2011: Ronald Weich letter to Congress

February 4, 2011: Production to Congress of FISC opinion and underlying documents, [cover letter released]

February 8, 2011: Feinstein notifies Congress of Weich letter; Rogers provides no such notice

February 28, 2011: Valerie Caproni and others (including someone from the Director of National Intelligence Office) brief SJC members in closed session (Pat Leahy, Chuck Grassley, John Cornyn, Richard Blumenthal, Sheldon Whitehouse, Dianne Feinstein, Orrin Hatch, and Mike Lee are listed attendees)

March 17, 2011: FBI Executive Assistant Director (now Deputy Director) Sean Joyce, Acting Assistant Attorney General Todd Hinnen, and unnamed others, brief House Intelligence Members on expiring PATRIOT provisions

March 29, 2011: Guidelines for government personnel pertaining to implementation of Section 215 authority

March 30, 2011: Mueller testimony before SJC

[filed in April 2011]: Report to Congress regarding implementation of Section 215 authority [released in part]

May 11, 2011: Training materials for government personnel pertaining to implementation of Section 215 authority (7 different versions of different lengths)

May 13, 2011: FBI Director Robert Mueller and Valerie Caproni brief the House Republican Caucus in closed session

May 26, 2011: Senate approves PATRIOT reauthorization House approves PATRIOT reauthorization

June 2011: Semiannual report

June 2011: Guidelines for government personnel pertaining to implementation of Section 215 authority

September 1, 2011: Congressional notification regarding implementation of Section 215 authority

December 2011: Semiannual report

[filed in April 2012]: Report to Congress on implementation of Section 215 authority

In this post, I’m going to examine a claim made in the May 3, 2012 audit report of NSA violations. Through the magic of simple arithmetic, I’m going to show that the report misleads readers about why the number of incidents rose in the first quarter of 2012, wrongly suggesting it was an unpreventable seasonal problem, rather than pointing to the human error and fault that really explained the increase.

On page two, the report shows how many Signals Intelligence Directorate-reported incidents there are across both kinds of authorities: EO 12333 (strictly foreign) and FISA (involving US persons).

As the report acknowledges, there was an 11% increase in incidents for both kinds of authority.

But don’t worry, the report says, the increase is due to Chinese New Year, sort of.

The increase in incidents reported for 1QCY12 was due to an increase in the number of reported Global System for Mobile Communications (GSM) roamer1 incidents, which may be attributed to an increase in Chinese travel to visit friends and family for the Chinese Lunar New Year holiday.

1Roaming incidents occur when a selector associated with a valid foreign target becomes active in the U.S.

On the following page, a section provides further explanation on the roamer problem.

The largest number of incidents in the System Limitations category account for roamers where there was no previous indications of the planned travel. These incidents are largely unpreventable. Consistent discovery through the Visitor Location Register (VLR) occurs every quarter and provides analysts with timely information to place selectors into candidate status or detask. Analysis identified that these incidents could be reduced if analysts removed/detasked selectors more quickly upon learning that the status of the selector had changed and more regularly monitored target activity. This analysis indicates that continued research on ways to exploit new technologies and researching the various aspects of personal communications systems to include GSM, are an important step for NSA analysts to track the travel of valid foreign targets.

On page 6, we get a more comprehensible explanation.

Roamers: Roaming incidents occur when valid foreign target selector(s) are active in the U.S. Roamer incidents continue to constitute the larges category of collection incidents across E.O. 12333 and FAA authorities. Roamer incidents are largely unpreventable, even with good target awareness and traffic review, since target travel activities are often unannounced and not easily predicted.

In other words, the roamer problem stems from the fact that when valid foreign targets travel to the US with their GSM phones, analysts don’t know that and therefore don’t act accordingly. I think (though am not positive) the presence of the target in the US would shift a 12333 intercept into a FISA one (we’d be tracking calls to foreigners with one end in the US), and a FISA Amendments Act target into an illegal one (we’d be tracking calls with both ends in the US, one potentially involving a US person). Since this involves primarily valid foreign targets, it is not the most urgent problem identified in the report.

And, the NSA claims, it is largely unavoidable, so readers of this report should expect the relatively large numbers of roamer problems to continue.

Up to this point — far beyond where most readers will be paying attention, I’d imagine — we might believe (because the report said so explicitly) that the 11% increase in incidents stems from a problem involving valid foreign targets and reflecting an unavoidable technical problem.

It’s only when you get to page 5 and 6 that this narrative falls apart. Here’s how many roamer incidents occurred under EO 12333 for the four quarters reported.

 

And here’s how many roamer incidents occurred under FISA for the four quarters presented.

Adding the roamer incidents for each kind of authority together, we discover the total roaming incidents, across both authorities, look like this in the last quarter of 2011 and first quarter of 2012:

4QCY11: 582 + 87 = 669

1QCY12: 491 + 95 = 586

In fact, the roaming problem doesn’t explain the 11% overall increase in incidents at all, because the number of roaming incidents under EO12333 actually went down 19%, meaning roaming incidents across the two authorities went down 14%.

The roamer explanation doesn’t even explain the entire increase in FISA incidents, as FISA roamer incidents only went up 9%, as the report admits on page 6. On that page, the report admits that another big source of increased incidents, for both kinds of authorities, comes from database queries.

During 1QCY12, NSAW SID reported an increased of 9% of roamer incidents under all FISA Authorities. There was also a 260% increase in database query FISA Authority incidents during 1QCY12. Human Error accounted for the majority of all FISA Authorities database query incidents (74%).

[snip]

Database Queries: During 1QCY12, NSAW SID reported a total of 115 database query incidents across all Authorities, representing a 53% increase from 4QCY11. E.O. 12333 Authority database query incidents accounted for 84% (97) of the total, and all FISA Authorities database query incidents accounted for 16% (18).

The report goes on to describe the root causes for these database query incidents.

Broad syntax (i.e., no or insufficient limiters/defeats/parameters)

Typographical error

Boolean operator error

Query technique understood but not applied

Not familiar enough with the tool used for query

Incorrect option selected in tool

Lack of due diligence (failure to follow standard operating procedure)

Training and guidance

Resources (Inaccurate or insufficient research information)

Thus, the front page story on this report should not be “oh, it’s all the fault of the Chinese New Year,” but instead, “oh, a bunch of human errors and due diligence (which implies fault) and research problems (which might be somebody else’s fault) resulted in the better part of the reported incident increase.”

There’s one more thing that accounts for the increase: International Transit Switch Collection, which is the problem behind the FISA Court’s October 3, 2011 finding that the program violated the Fourth Amendment (see this report, which I’ll return to). Transit Program violations went from 7 in 4QCY11 to 27 in 1QCY12. But don’t worry about that, the report says; it just reflects a different counting method.

International Transit switches, FAIRVIEW (US-990), STORMBREW (US-983), ORANGEBLOSSOM (US-3251), and SILVERZEPHYR (US-3273) are Special Source Operations (SSO) programs authorized to collect cable transit traffic passing through U.S. gateways with both ends of the communication being foreign. When collection occurs with one or both communicants insider the U.S., this constitutes inadvertent collection. From 4QCY11 to 1QCY12, there was an increase of transit program incidents submitted from 7 to 27, due to the change in our methodology for reporting and counting these types of incidents.

I’m guessing this changed methodology arose in response to the FISC opinion and also guessing that there should have been far more than 7 or even 27 violations reported before the FISC declared all this illegal.

But that still means that another important contributor to the rise in incidents between the two quarters had to do with actually counting the number of times US person communications were collected off of purportedly international transit switches.

Now, I might assume the simple math problem the NSA exhibited here was innocent.

Except it’s the NSA, the biggest math organization in the world. If I — someone who hasn’t played around with math in 27 years — can find the NSA’s simple arithmetic problem, I’m going to assume it is not an accident at all, but stems instead from an effort to hide the more serious problems deeper in the report.

The NSA: failing simple math.

Update: I should add that one other source of the increase — larger in absolute terms than the roamer problem — comes from analysts failing to turn off some or all of a wiretap of a US person when they’re supposed to.

I’ve been meaning to comment on this story from Bill Gertz from last week. After reporting that the Israelis bitched about US reports of the Israeli strike on Russian made missiles shipped to Syria,

Israeli government officials voiced anger at U.S. press leaks traced to the Pentagon following the July 5 Israeli missile attack on the Syrian port of Latakia that destroyed a shipment of Russian-made anti-ship missiles, according to U.S. officials.
Senior Pentagon officials, including Deputy Secretary of Defense Ashton Carter who is currently visiting Israel, discussed the leaks during meetings with Israeli officials this week. The Israelis argued in private meetings and other exchanges that the disclosures could lead to Syrian counterattacks against Israel and should have been coordinated first with the Israeli government. [my emphasis]

It catalogs multiple people — both American and Israeli — talking about the intent of the gag and concerns about secrecy.

A U.S. official said signs of Israeli anger over the Latakia raid disclosures appeared in several Israel press outlets. One Israeli official was described as “furious” over the leak because the Pentagon did not coordinate its release of information first with Israel.

Other Israeli officials were quoted as saying that in the aftermath of the Yakhont missile strikes that ties between Israel and Syria had reached a new peak and that there are worries that tying Israel to the attack will prompt Syrian leader Bashar al-Assad to retaliate soon or against a future Israeli attack. [my emphasis]

As far as I know, no one besides Gertz has reported on Israeli anger, in spite of the fact that the reports were published by notorious DOD mouthpieces. There’s Barbara Starr,

A series of explosions on July 5 at a critical Syrian port was the result of airstrikes by Israeli warplanes, according to multiple U.S. officials.

Regional media widely reported the predawn explosions at Latakia, but no one had officially claimed responsibility.

Three U.S. officials told CNN the target of the airstrikes were Russian-made Yakhont anti-ship missiles that Israel believes posed a threat to its naval forces.

And Michael Gordon,

Israel carried out an air attack in Syria this month that targeted advanced antiship cruise missiles sold to the Syria government by Russia, American officials said Saturday.

The officials, who declined to be identified because they were discussing intelligence reports, said the attack occurred July 5 near Latakia, Syria’s principal port city. The target was a type of missile called the Yakhont, they said.

Mind you, the Israelis don’t claim to be pissed that the leaks occurred (in spite of claims that revealing it publicly will make it more likely someone — I’m not sure precisely who — will attack Israel. Just that they (allegedly) occurred without coordinating with the Israelis.

Compare this treatment with the efforts to mandate investigations of leaks last year that made it harder to gin up war against Iran.

And with reports that retired General Hoss Cartwright is being investigated for repeating stories about Israel’s purported role in letting StuxNet escape Iranian nuke facilities (a leak which, it should be said, added to an earlier Michael Gordon co-byline).

Funny. Just a few weeks before the Latakia leaks to noted stenographers, leaking about Israel could get even a top General investigated.

But when stenographers report similar stories, crickets.

Congratulations to the AP, which has caught up to the reporting I did a month ago on the way SOCOM purged their own systems of Osama bin Laden photos (and, apparently, records) and moved them to the CIA.

But it appears that this shell game involved more than just moving all these records to CIA. It appears CIA had to retroactively classify at least the photographs.

As you recall, Judicial Watch (as well as a bunch of other entities) had FOIAed any pictures of the raid. It its motion for summary judgment, JW made several complaints about the government’s FOIA response:

• The search, particularly at DOD, was inadequate.
• The government declarations didn’t adequately specify what was included in the pictures (I suspect this was done to hide trophy pictures not shown to Congress or, possibly, even the President).
• The government declarations don’t prove that all the photos could cause exceptionally grave harm.
• The description of the classification process was inadequate.

It is the last of these that is most interesting, given the apparent fact that DOD transfered all its photos to CIA (plus my suspicion that a lot of these are trophy photos, not official operational photos).

First, Defendants fail to identify who classified the records. Director Bennett testifies as to who generally has the authority to classify information as TOP SCERET and who generally has the authority to delegate such authority. Bennett Decl. at ¶¶ 14-15. In addition, Director Bennett states that the “Director of the CIA has delegated original TOP SECRET classification authority to me. As an original classification authority, I am authorized to conduct classification reviews and to make original classification decisions.” Id. at ¶ 18. Yet, Director Bennett does not testify that he personally classified the records. Nor does he state that any other authorized official actually classified the records.  If an individual without the proper authority classified the records, Defendants have not complied with the procedural requirements of EO 13526.

Second, Director Bennett does not specifically testify as to when the 52 records were classified. Director Bennett only states that as of September 26, 2011, the 52 records are currently and properly classified. Yet, the day Director Bennett drafted and signed his declaration is inconsequential. The operative date as to whether the classification occurred according to proper procedures is the date of classification. As stated above, different procedures exist for records that were classified prior to or subsequent to the receipt of a FOIA request. Once a FOIA request has been received, a government agency can only classify material “if such classification meets the requirements of this order and is accomplished on a document-by-document basis with the personal participation or under the direction of the agency head, the deputy agency head, or the senior agency official designated under section 5.4 of this order.” EO 13526, § 1.7(d) (emphasis added). The raid and the creation of the records occurred on May 1, 2011. Bennett. Decl. at 4, n. 2. Plaintiff and others submitted FOIA requests for the records as early as May 2, 2011.5 As stated above, President Obama explained around 1:00 p.m. on May 4, 2011 that he had made the decision to not release post mortem photographs of bin Laden. In addition, then-Director Panetta stated on the evening of May 3, 2011 that at least some of the photographs would be released. In other words, as of the morning of May 4, 2011, no decision had been reached. Since Plaintiff sent its FOIA request on May 2, 201, it is more than likely that the records were classified after a FOIA request for the records was received. Yet, Defendants have not presented any evidence as to whether the 52 records were classified between their creation and the President’s comments, or after the President’s comments and prior to September 26, 2011. In addition, if the records were classified after a FOIA request was received, Defendants have failed to demonstrate that the 52 records were classified on a document-by-document basis. Also, as stated above, Defendants have not presented any evidence of who classified the records. Therefore, Defendants have also failed to demonstrate whether the records were classified with the personal participation or under the direction of the agency head, the deputy agency head, or the senior agency official designated under section 5.4 of this order. [my emphasis]

In response to this motion, CIA submitted a second declaration that still doesn’t explain how the photos first got classified (though it does provide additional evidence that it happened retroactively).

At the time of Mr. Bennett’s declaration, these records were marked “TOP SECRET” and were otherwise maintained in a manner that satisfied the procedural requirements of the Executive Order under the circumstances.1 Since then the CIA has, out of an abundance of caution, taken additional steps to ensure that each of these records contains all of the markings required by the Executive Order and its implementing directives, including information that reveals the identity of the person who applied derivative classification markings, citations to the relevant classification guidance and reasons for classification, and the applicable declassification instructions.

As for Plaintiff’s inquiry concerning the identity of the original classification authority (OCA), after the CIA received these records, they were derivatively classified in accordance with the guidance provided by the CIA’s designated “senior agency official,” as authorized by Part 2 of the Executive Order. The CIA official who provides this classification guidance — and is therefore the OCA for these records — is the CIA’s Director of Information Management  Services, who is the authorized OCA who has been designated to direct and administer the CIA’s program under which information is classified, safeguarded, and declassified. When Mr. Bennett, who is himself an OCA acting under the direction of the CIA Director, later reviewed each of these records for the purpose of this litigation, he reaffirmed that these prior classification determinations were correct and that the records continued to meet the criteria of the Order.

1 Contrary to Plaintiff’s suggestion, after their creation these extraordinarily sensitive images were always considered to be classified by the CIA and were consistently maintained in a manner appropriate for their classification level. [my emphasis]

After JW noted that if the photos were classified after their FOIA, they would have had to have been classified on a photo by photo basis by the Director of CIA, Deputy Director, or a Senior Agency Official in charge of classifications, the CIA responded by saying that, after the CIA got the photos (which by all appearances happened after the FOIA), they were derivatively classified in accordance with the SAO’s guidance.

CIA doesn’t say whether that official reviewed the photos individually or not. Nor does it explain who wrote “TOP SECRET” on them, without adding all the other required classification markers.

And note how the CIA claims these photos “were always considered to be classified” by them — but not necessarily by SOCOM, which originally had the photos. But they don’t even claim they were always considered to be Top Secret.

Now, it’s likely that the actual documents pertaining to the OBL raid (if SOCOM had any) were treated somewhat more regularly. At the very least, it’s less likely the SEALs who participated in the raid would have trophy documents!

But as far as the photos are concerned, it appears that the shell game included not just the purging of the documents from SOCOM’s servers and transferring them to CIA, but also in retroactive classification — which may or may not have complied with regulations — after they got to CIA.

As we await the next installment from Edward Snowden’s White Bronco chase around the globe, it’s worth remembering our attempt to overthrow Bashar al-Assad and the Boston Marathon attack (and subsequent whitewashing about how closely Russia is cooperating) are not the only things underlying US-Russian relations.

Russia is still very angry about our assertion of jurisdiction to entrap Viktor Bout for selling arms to FARC.

Indeed, Preet Bharara is among the US officials that Russia sanctioned in retaliation for the Magnitsky list, along with such leading lights of American law as John Yoo and David Addington.

Jeralyn lays out Russian frustrations over our manufactured jurisdiction with two of their citizens here.

Bout’s story (background here)is even worse. He was the victim of a DEAsting in Thailand. The U.S. fought tooth and nail to extradite him and lost. The U.S. appealed (and likely pulled some strings, if the Wikileaks cables are any indication, and lo and behold, The higher court in Thailand approved his extradition. He spent a miserable two years at MCC in New York, was convicted and sentenced to 35 years which he is serving at theUSP in Marion, IL., one of our SuperMax prisons. The U.S. claims he’s a “Lord of War” and seller of arms. He never sold arms here. What’s it our business? Why have a prisoner transfer treaty if you aren’t going to use it? Did anyone ask the American taxpayers if they want to pay $40,000 a year times 30 years to warehouse Bout in a high security prison when Russia’s willing to take him?

You don’t have to like what Bout did (which is not much more destabilizing than what Erik Prince has done) to understand that when the US claims jurisdiction over anyone in the world, even if they do nothing to harm the US directly, is going to piss off other countries.

Eventually, those countries may have an opportunity to express their frustration about it.

Well, hello there Clarisse. As I look at the crack of light filtering in through the drawn Elvis curtains of my hotel room, it appears to be morning. We had fun last night. The first picture is of, from left to right, Col. Morris Davis, Marcy and Jen Nessel of the Center for Constitutional Rights. Also present, but sadly out of the frame, were Jim White and our longtime friend and fearless roving reporter Rosalind.
.
.
.
.
.
.
..

Next picture is of Jim’s beer choice. He ordered an “Ass Kicker Beer” and, as you can see was, in a stroke of bar server genius, served an “Ass Kisser”. True story!
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Lastly, the third picture is of a rather unfortunate drink I ordered. I got the happy hour special. I don’t know what the hell it was, but it was NOT what I had in mind. Jeebus.
.
.
.
.
.
.
.

As Afghanistan careens toward presidential elections next April and the end of authorized NATO presence in Afghanistan at the end of next year, we are beginning to see jockeying for position among the same set of militia strongmen who never have been forced to face consequences for the war crimes they committed the last two times Afghanistan was without a government.

Perhaps the most notorious of these war criminals is Rashid Dostum, who is accused of killing up to two thousand prisoners who surrendered as Kabul fell to US forces. Here is McClatchy in 2008 describing Dostum removing evidence of his war crimes:

Seven years ago, a convoy of container trucks rumbled across northern Afghanistan loaded with a human cargo of suspected Taliban and al Qaida members who’d surrendered to Gen. Abdul Rashid Dostum, an Afghan warlord and a key U.S. ally in ousting the Taliban regime.

When the trucks arrived at a prison in the town of Sheberghan, near Dostum’s headquarters, they were filled with corpses. Most of the prisoners had suffocated, and others had been killed by bullets that Dostum’s militiamen had fired into the metal containers.

Dostum’s men hauled the bodies into the nearby desert and buried them in mass graves, according to Afghan human rights officials. By some estimates, 2,000 men were buried there.

Earlier this year, bulldozers returned to the scene, reportedly exhumed the bones of many of the dead men and removed evidence of the atrocity to sites unknown. In the area where the mass graves once were, there now are gaping pits in the sands of the Dasht-e-Leili desert.

/snip/

Now, Mutaqi said, “You can see only a hole. In the area around it you can find a few bones or some clothes. The site is gone . . . as for evidence, there is nothing.”

The US has done absolutely nothing to see that Dostum faces prosecution for his crimes. In fact, with the recent disclosure of “bags o’ cash” going directly from the CIA to Hamid Karzai, the word is that as Afghanistan’s Chief of Staff of the Army, Dostum is recieving up to $100,000 per month under the program.

Today, we learn that Dostum is running roughshod again. The scene of the crime is once again Sherberghan. It appears that Dostum’s militia has engaged in gunfire with the provincial governor’s security detail. Adding to the confusion surrounding this event is that the provincial governor is a member of the same political party Dostum founded. Further, it appears that Dostum’s militia is also accused of firing on the National Security Directorate.

Radio Free Europe has this description of today’s events:

The governor of Afghanistan’s northern Jowzjan Province says his house has been attacked by ethnic Uzbek commander Abdul Rashid Dostum’s militia.

Governor Mohammad Alem Saee told RFE/RL’s Radio Free Afghanistan that several attackers were injured on June 17 when his bodyguards returned fire.

Saee said Dostum’s militia also attacked the National Security Directorate’s provincial office.

We learn from Khaama Press that although Dostum and Sahi belong to the same political party, they have been feuding:

According to reports the armed men of former Warlord and founder of National Islamic Movement of Afghanistan Party Gen. Abdul Rashid Dostum on Monday attacked the Jowzjan provincial compound.

/snip/

Mohammad Aalim Sahi was a member of the National Islamic Movement Party of Afghanistan, however severe disputes were reported between him and Gen. Dostum recently.

According to reports Mohammad Aalim Sahi also has close relations with Afghan president Hamid Karzai.

Stars and Stripes sees this development as signalling that Afghanistan faces a very uncertain future:

In what may be a worrying sign for the future of Afghanistan, militiamen loyal to the Afghan National Army chief of staff and the bodyguards of a provincial governor exchanged fire on Monday for 20 minutes in the north of the nation, officials said.

Mohammad Alam Sayee, the governor of Jowzjan province, was returning to his compound in the provincial capital Sherberghan, when armed men affiliated with Gen. Abdul Rashid Dostum moved in on the facility, Sayee’s spokesman, Mohammad Yama Jamili said.

/snip/

After Sayee took refuge in his compound, tensions escalated and the two sides fired on each other, though no one was injured, according Jamili.

Jowzjan police chief Abdul Aziz Ghairat confirmed that he received a report that Dostum’s men had surrounded the governor’s compound, but said the firefight ended by the time his officers arrived at the scene.

This is not the first time that Dostum has feuded with a prominent figure of the political party he founded. Back in February, a member of the party became so upset with Dostum that he threatened to expose Dostum’s war crimes (even though we already know about them):

The former leader of Hezb-e-Junbish Millie Islami — National Islamic Movement party of Afghanistan warned to disclose the war crimes of the party’s founder and former warlord Gen. Abdul Rashid Dostum if he does not prevent his interference in the party.

However a spokesman for the National Islamic Movement party of Afghanistan denied the allegations by Syed Noorullah Sadat and said Gen. Abdul Rashid Dostum does not misuse from his military position to interfere in party’s internal affairs.

Syed Noorullah Sadat accused Gen. Dostum for interfering in National Islamic Movement Party fo Afghanistan and warned that he will disclose the war crimes committed by him.

It would appear that Dostum is taking steps to solidify his power ahead of the coming transitions. What could possibly go wrong with a known war criminal expanding his power base?

Let me start this post by saying I think it is absolutely appropriate for Eric Holder to have recused himself from the UndieBomb 2.0 investigation, in part because — as someone read into the UndieBomb 2.0 operation, he was interviewed by the FBI (though so was James Cole, who is now in charge of the investigation), and he turned over his own phone contacts to the FBI — but also because top Administration officials like John Brennan at least should be under close scrutiny in this investigation.

Nor do I think, in his recusal, Eric Holder did anything in bad faith. I have zero reason to believe Holder is tampering with this investigation, in any way shape or form.

But Jeebus, Holder is doing this entire recusal thing wrong.

That’s true, first of all, because with a rabid Congress (at the time he recused from the investigation and now) accusing him of wrongly delegating this investigation to Ronald Machen in an investigation that could net incredibly powerful people as suspects, Holder did not write his recusal — or a delegation of authority of Attorney General powers — to James Cole, who is overseeing the investigation.

Now, Holder claims not to remember whether he memorialized his recusal in past cases, including the John Edwards investigation — the most high profile case in which he has recused. And though George Holding, who conducted that investigation and now represents the Raleigh, NC, area in Congress, was in the room, I’m not sure they clarified whether he had written anything down there, either. Holder was, however, very clear about what authorities he delegated to Patrick Fitzgerald when he investigated the John Adams Society, which led to the prosecution of John Kiriakou, having sent 3 letters (1, 2, 3) memorializing the limits of Fitz’ authority.

I think part of the problem is that Holder didn’t really appoint special counsels to investigate this matter, even while he made a big deal of appointing the people who — US Attorney for DC Ronald Machen’s appointment rather then US Attorney for Eastern District of VA Neil MacBride aside — would have been investigating it anyway. Dumb. Congress was screaming for some kind of formality, and Holder didn’t establish that formality.

And then there’s the journalist-subpoenaing precedent of the Plame investigation where Fitz several times got letters clarifying his authority. The first of those reads,

By the authority vested in the Attorney General by law, including 28 U. S .C. §§ 509, 510, and 515, and in my capacity as Acting Attorney General pursuant to 28 U.S.C. § 508, I hereby delegate to you all the authority of the Attorney General with respect to the Department’s investigation into the alleged unauthorized disclosure of a CIA employee’s identity, and I direct you to exercise that authority as Special Counsel independent of the supervision or control of any officer of the Department.

This came in handy later in the investigation when Libby’s lawyers challenged Fitz’ authority.

Then, Holder’s recusal hasn’t been very strict. Most troublingly, Eric Holder reviewed the letter James Cole sent to the AP (though Holder saw a draft which, according to his press conference, included things like details on the specific scope of the subpoena that don’t appear in the final letter). NPR’s Carrie Johnson asked him about this.

Johnson: Is that normal practice when you’re recused from a case?

Holder: No, I just wanted to see the le–I saw I mean I saw saw the draft letter this morning. And I just wanted to have an opportunity to see what it looked like so I’d have at least some sense of the case in case there were things in the letter that I could talk about with the press.

Reviewing this letter — particularly before changes got made to it!! (changes which appear to have deprived the AP of full notice of the call record grab) — simply isn’t appropriate for someone recused from the case!

Again, I’m not suggesting malice here.

But the AP has already — rightly, in my opinion — challenged whether DOJ complied with its own guidelines on media subpoenas. In particular, AP complained that they had not been given notice and an opportunity to cooperate. That’s one of the guidelines that requires AG involvement.

Negotiations with the affected member of the news media shall be pursued in all cases in which a subpoena for the telephone toll records of any member of the news media is contemplated where the responsible Assistant Attorney General determines that such negotiations would not pose a substantial threat to the integrity of the investigation in connection with which the records are sought. Such determination shall be reviewed by the Attorney General when considering a subpoena authorized under paragraph (e) of this section.

Yet the guy who signed this subpoena and with it signed off on the claim that alerting AP to the subpoena would do grave damage to the investigation  — James Cole — apparently has no piece of paper giving him authority to sign it.

If DOJ ultimately decides to charge the AP’s sources, if that person has the kind of legal representation DC bigwigs often have, I fully expect them to challenge every bit of their prosecution. After all, by subpoenaing the AP, Cole claimed that DOJ could not get the information from any other source. So if AP’s sources are indicted, they can rest assured that their prosecution went through this bottleneck of an Acting AG who had no paperwork to prove he had the authority to sign off on the claims he was making to get information he was certifying was absolutely necessary to find them. And from this subpoena forward, everything else will be fruit of a tainted AG, at least if you’ve got fancy lawyers.

Dumb.

One last thing. Also in today’s hearing, Holder admitted that it probably would have been a good idea to write down this recusal thing in public. Which, if they do ever charge AP’s sources and if said sources have the resources to make this obvious challenge, they’ll cite in court to document that even the guy who delegated this authority thinks it would be smarter if he did so in writing.

Seriously, this entire recusal process has been an own goal. As I said, I don’t think DOJ is pulling anything fishy. But the entire point of recusing is to ensure there’s proof nothing fishy happened. And in this case, DOJ has anything but.

[youtube]hOxz-jyDwr0[/youtube]

It’s that time of year: when Mr. EW and I celebrate St. Pattys, his birthday, our anniversary, and my birthday (and, this year, our friend Catie’s birthday, too).

We’ll be doing it, for the next 5 days or so, in KY’s Red River Gorge — sandstone like you’d expect to find in the Southwest, but with rhododendrons growing everywhere instead of saguaros.

Then we’ll be heading on a Bourbon and ham pilgrimage. We’re not Bourbon drinkers, so include your advice in comments!

Thing is, while Red River Gorge is beautiful, it also is one of the places in the US that still has godawful Intertoobz and wireless connectivity. Blame Mitch McConnell for screwing his constituents, I guess.

So I’ll probably be mostly absent from these parts until Wednesday and only somewhat present until whenever we decide to return home to Beer Mecca from Bourbon Mecca.

Sadlly, bmaz (and Jim and Rayne) will have to make do with whatever leftovers are in the likker cabinet until I can stock it with Bourbon again. I’m sure he’ll make do!