Raw Versus Cooked: Could NSC Monitor FBI’s Investigation?

Multiple people,including Bart Gellman and Josh Marshall, are now arguing that the reason Ezra Cohen-Watnick and Michael Ellis found intercepts involving Trump’s people is that they were monitoring FBI’s investigation of the investigation.

I certainly think the Trump people would like to do that — and would be willing to stoop to that. I even believe that the response to the Russian hack last year had some counterintelligence problems, though probably not on the FBI side.

But there are some details that may limit how much the NSC can monitor the investigation.

First, Devin Nunes has always been very clear: the intercepts he was shown have nothing to do with Russia. That’s not, itself, determinative. After all, Cohen-Watnick and Ellis might have found a bunch of Russian intercepts, but only shared the non-Russian ones so Nunes could make a stink without being accused of endangering the investigation. Also, it’s possible that intercepts involving other countries — most notably Turkey, but there are other countries that might be even more interesting, including Ukraine or Syria — would impact any Russian investigation.

Also note that among the many things Nunes appears not to understand about surveillance is that there are two ways an American’s name can be visible outside the circle of analysts doing the initial review of them: their names can be put into finished intelligence reports that get circulated more broadly, with customers asking to have the name unmasked after the fact. Alternately, their names can be found off of subsequent searches of raw data. At the NSA and CIA, searches for US person content are somewhat controlled. At FBI they are not only not controlled, but they are routine even for criminal investigations. So if, say, General Flynn (or Paul Manafort) were under investigation for failing to register as a foreign agent, the FBI would routinely search their database of raw FISA material on his name. (These are the “back door searches” Ron Wyden has been screaming about for years, concerns which people like Devin Nunes have previously dismissed on national security grounds.) And we have every reason to believe that counterintelligence intercepts of Russians in the US are among the raw feeds that the FBI gets. So if Flynn had conversations with Russians (or Turks) in the US, we should assume that FBI saw them as a routine matter if Flynn became the subject of an investigation at all. We should also assume that the FBI did a search on every Sergey Kislyak intercept in their possession, so they will have read everything that got picked up, including all recorded calls with Trump aides.

On March 15, the House Intelligence Committee asked the NSA, CIA, and FBI for information on unmasking. I don’t believe that request asked about access to US person names on subsequent searches or raw material. Furthermore, at least as of last week, the FBI was not rushing to comply with that request. As I noted after the Jim Comey hearing before HPSCI, none of the Republicans concerned about these issues seemed to have any basic clue about FBI’s searches on raw data. If Nunes doesn’t know (and he appears not to), it’s unlikely Ellis knows, who was until this month Nunes’ aide.

But there’s one other thing that may prevent NSC from obtaining information about the investigation: FBI sometimes uses what are called “ad hoc databases” that include raw FISA data (and probably, post EO 12333 sharing rule changes, raw EO 12333 data) tied to particular investigations. It’s unclear what conditions might necessitate the use of an ad hoc database (see page 25ff for a discussion of them), but if security concerns would encourage their use, it would be likely to have one here, an investigation which Comey described as being so sensitive he delayed briefing the Gang of Four. Ad hoc databases are restricted to those working on investigations, and include specific records of those authorized to access the database. So if FBI were using an ad hoc database for this investigation, it would be even harder for the NSC to learn what they were looking at.

If the FBI’s investigation relies on raw intelligence — and it would be unfathomable that it does not, because it would probably receive the raw FISA data tied to such an investigation routinely, and EO 12333 sharing rules specifically envision the sharing of raw data associated with counterintelligence investigations — then the NSC’s access to finished intelligence reports would provide little insight into the investigation (Nunes was a bit unclear on whether that’s what he was looking at, but the entire premise of his complaints is that these were finished reports).

But while we’re worrying about whether and how Trump would monitor an investigation into his aides, remember that in 2002, Jay Bybee wrote a memo authorizing the sharing of grand jury information with the President and his close advisors including for counterintelligence investigations.

In addition, the Patriot Act recently amended 6(e) and Title III specifically to provide that matters involving foreign intelligence or counterintelligence or foreign intelligence information may be disclosed by any attorney for the government (and in the case of Title III, also by an investigative or law enforcement officer) to certain federal officials in order to assist those officials in carrying out their duties. Federal officials who are included within these provisions may include, for example, the President, attorneys within the White House Counsel’s Office, the President’s Chief of Staff, the National Security Advisor, and officials within the Central Intelligence Agency and the Department of Defense.


Although the new provision in Rule 6(e) permitting disclosure also requires that any disclosures be reported to the district court responsible for supervising the grand jury, we conclude that disclosures made to the President fall outside the scope of the reporting requirement contained in that amendment, as do related subsequent disclosures made to other officials on the President’s behalf.

In other words, Trump could demand that he — or his National Security Advisor! — get information on any grand jury investigations, including those covering counterintelligence cases. And no judge would be given notice of that.

With Jeff Sessions’ recusal, that’s far less likely to happen than it might have been. But understand that the Executive Branch believes that the President can learn about the happenings in grand jury investigations of the sort that might target his aides.

Update: additional details have been added to this post after it was first posted.

The Lesson Trump Has (Thus Far) Not Taught Us: Civilian Casualties

I have a confession.

There’s something I like about the Trump Administration.

It’s the way that his unpopularity taints long-standing policies or practices or beliefs, making people aware of and opposed to them in a way they weren’t when the same policies or beliefs were widely held under George Bush or Barack Obama. Many, though not all, of these policies or beliefs were embraced unquestioningly by centrists or even avowed leftists.

I’ve been keeping a running list in my mind, which I’ll begin to lay out here (I guess I’ll update it as I remember more).

  • Expansive surveillance
  • The presumption of regularity, by which courts and the public assume the Executive Branch operates in good faith and from evidence
  • Denigration of immigrants
  • Denigration of Muslims
  • Denigration health insurance

As an example, Obama deported a huge number of people. But now that Trump has expanded that same practice, it has been made visible and delegitimized.

In short, Trump has made things that should always have been criticized are now being far more widely so.

But there’s one thing that Trump has escalated that has thus far — with the singular exception of the botched raid on Yemen — escaped widespread condemnation: the bombing of civilians. There was the Al Jineh mosque on March 16, a school sheltering families in Raqqa on March 21, and this strike last week in Mosul, not to mention continued Saudi attacks in Yemen that the US facilitates.

Again, I’m not saying such civilian strikes didn’t happen under Obama. And it’s not clear whether this spate of civilian bombings arises from a change in the rule of engagement put in place in December, the influence of James Mattis, or Trump’s announced review of rules of engagement. But civilians are dying.

And for the most part, unlike all the other horrible things happening under President Trump, they’re getting little notice and condemnation in the US.

Update: This NYT story on the Mosul strike says that the increased civilian casualties do reflect a change in rules of engagement put in place under Trump.

If Amazon Web Services Goes Down, Do the Cloud Services AWS Provides the Intelligence Community Too?

As you may have heard, Amazon has had a bad outage today, taking down many entities that rely on its cloud service.

Most of the coverage has focused on the private businesses that have been affected, from small businesses to larger ones (I suspect Office Max was broadly affected, because they were down today too), to media outlets.

I want to know if, when Amazon’s Northern Virginia cloud services go down, whether the cloud services Amazon provides to the Intelligence Community goes down too. The IC cloud is supposed to be completely separate from AWS’ commercial services. But if things are going haywire generally in Northern Virginia, those problems may extend to Amazon’s (understood to be NoVA located) IC servers.

I raise that, in part, because of a point I made in these two posts about the new EO 12333 sharing rules Obama implemented in January. The data sharing envisioned can happen in one of three places: on NSA’s own servers, on the recipient agency’s own servers, or on the cloud.

NSA may choose to make raw SIGINT available (i) through NSA’s systems; (ii) through a shared IC or other Government capability, such as a cloud-based environment; or (iii) by transferring some or all of the information to the recipient IC element’s information systems. Only information that can be afforded appropriate handling, storage, retention, and access protections by the recipient IC element will be made available.

Indeed, rolling out the IC cloud was a necessary technical precondition for this sharing process.

As I subsequently pointed out, one application for this expanded sharing was to make counterintelligence information — of the kind that would be central to the investigation into Russia’s hack of the DNC and/or other influence peddling with Trump allies — more widely available (for example, to CIA and FBI).

In the procedures, the conditions on page 7 and 8 under which an American can be spied on under EO 12333 are partially redacted. But the language on page 11 (and in some other parallel regulations) make it clear one purpose under which such surveillance would be acceptable, as in this passage.

Communications solely between U.S. persons inadvertently retrieved during the selection of foreign communications will be destroyed upon recognition, except:

When the communication contains significant foreign intelligence or counterintelligence, the head of the recipient IC element may waive the destruction requirement and subsequently notify the DIRNSA and NSA’s OGC;

Under these procedures generally, communications between an American and a foreigner can be read. But communications between Americans must be destroyed except if there is significant foreign intelligence or counterintelligence focus. This EO 12333 sharing will be used not just to spy on foreigners, but also to identify counterintelligence threats (which would presumably include leaks but especially would focus on Americans serving as spies for foreign governments) within the US.

Understand: On January 3, 2017, amid heated discussions of the Russian hack of the DNC and public reporting that at least four of Trump’s close associates may have had inappropriate conversations with Russia, conversations that may be inaccessible under FISA’s probable cause standard, Loretta Lynch signed an order permitting the bulk sharing of data to (in part) find counterintelligence threats in the US.

This makes at least five years of information collected on Russian targets available, with few limits, to both the CIA and FBI. So long as the CIA or FBI were to tell DIRNSA or NSA’s OGC they were doing so, they could even keep conversations between Americans identified “incidentally” in this data.

Certain state adversaries would have big incentives to destabilize AWS, just for shits, giggles, and the chaos it would cause. If they could get into Amazon private clients’ servers, there would be plenty of data to make such an attack worthwhile.

But if such an attack also affected the IC cloud, that might be a different thing entirely.

Robert Eatinger Brags that CIA Complies with Law Passed 2 Years Ago — But Will It Really Limit CIA?

Robert Eatinger — the former CIA lawyer deeply implicated in torture who referred the authors of the Senate Intelligence Committee report on torture to DOJ for criminal investigation — has a curious column in The Cipher Brief. Eatinger purports to rebut commentators who have described “Executive Order 12333 as a sort of mysterious, open-ended authorization for U.S. intelligence agencies to engage in secret, questionable activities.” But mostly he addresses the Agency’s new Attorney General Guidelines under EO 12333 approved by Loretta Lynch on January 17.

Eatinger doesn’t explain what led to the adoption of new procedures. He does at least admit that the CIA had been operating on procedures written in 1982, a year after EO 12333 mandated such procedures. He also admits that those procedures did not reflect, “advances in collection methods due to changes in technology and privacy interests unforeseen in 1982, which did not contemplate the ubiquitous use of mobile phones, computers, and other digital media devices or evolving views of privacy and thus did not seek to address ‘big data’ or ‘bulk’ collection.” But readers who didn’t know better might conclude from Eatinger’s piece that the CIA just decided out of the blue to start protecting Americans’ privacy.

The proximate change to the procedures was likely a desire to finally expand data sharing under Obama’s new EO 12333 sharing rules, a final step before accessing a firehose of data from the NSA (curiously, Eatinger doesn’t mention that these new procedures will probably enable the expanded intake of vast amounts of bulk data including US person information). It also (as I’ll explain) belatedly responds to a mandate from Congress.

But in reality, the change comes in response to over three years of nagging from the Privacy and Civil Liberties Oversight Board, which asked James Clapper and Eric Holder to make agencies update these procedures back in August 2013, pointing out how much technology had changed in the interim. Which is another way of saying that, for the entire time when Eatinger was a top CIA lawyer, CIA was perfectly happy to operate on 35-year old procedures not reflecting current technology.

Among the procedures limiting CIA’s (newly expanded) access to bulk data, Eatinger highlights the five year restriction on retention of information including US person data.

These sections also satisfy the requirements to create procedures that limit to five years the retention of any nonpublic telephone or electronic communication acquired without the consent of a person who is a party to the communication except in defined circumstances (Section 309).


Section 6 creates two different types of handling requirements for unevaluated information; one for “routine” handling and one for “exceptional” handling.  Exceptional handling requirements apply to intelligence collections either of nonpublic communications that were acquired without the consent of a party to the communication, or that are anticipated to contain U.S. person identifying information that is significant in volume, proportion, or sensitivity.  The exceptional requirements include segregating the unevaluated information, limiting access to CIA employees who receive special training, creating an auditable record of activity, and importantly, requiring such information to be destroyed no later than five years after collection, permitting extensions in limited circumstances.

The five-year limit in Section 6 is but one example of how specifics in the new procedures attempt to find the right balance of intelligence and privacy interests.  Each procedure involves an effort to find the right tradeoffs to allow lawful intelligence collection and protect privacy and civil liberty rights and interests. The tradeoff was between the risk to a loss in intelligence capabilities by destroying information at five years against the risk to compromising privacy interests by keeping the information longer.

It’s not until nine paragraphs after Eatinger introduces this requirement, which he notes arises from “Section 309” in paragraph 8, that he explains where it comes from in paragraph 17, from Congress.

The five-year retention period in Section 6 was not set by the CIA, DNI, or Attorney General, however, it was set by Congress through Section 309.

Eatinger doesn’t describe when Congress passed that law, but I will. It was in the Intelligence Authorization for FY 2015. It became law on December 19, 2014.

Which is another way of saying that for over two years after Congress passed this law mandating the destruction of bulk data including US person data after five years, CIA hadn’t updated its EO 12333 procedures to reflect that requirement (this was after Eatinger left CIA, so we can’t blame him for the tardiness).

Now, Eatinger helpfully confirms something I’ve long believed but hadn’t confirmed: rather than sorting through and deleting the US person data in the collection, which would be all the law requires, the CIA instead destroys the entire data set at the five year interval, effectively extending the privacy protections passed to cover US persons to foreigners as well (you’re welcome, Europe). Eatinger does so in a passage laying out the trade-offs to deleting data after five years.

Deleting all unevaluated information specifically concerning U.S. persons has little to no intelligence downside because intelligence agencies will never want or have reason to search their intelligence holdings.  The five-year period to destroy all unevaluated information, however, will remove not only information concerning U.S. persons but also any information potentially concerning valid intelligence targets, such as international terrorists, from the intelligence agencies holdings.  In this latter case, however, intelligence agencies will want and may have a reason to search its holdings for information on these targets.  The deletion of that information could thus have an adverse intelligence impact, particularly on counterterrorism and counterproliferation intelligence reporting, as well as on the conduct of human intelligence operations, all of which are important activities of the CIA.

The CIA could be expected to search all of its holdings upon receiving intelligence identifying a previous unknown person as a suspected terrorist or proliferator.  Under the five-year retention period, when the CIA conducts the search, any unevaluated information on that person that may have been acquired during a bulk collection activity over five years ago will have been deleted; CIA’s search will not retrieve that information.  Thus, CIA might gain an incomplete or misleading understanding of the individual, his place in a terrorist network, and his contacts.  Or, CIA may send intelligence officers to conduct dangerous human intelligence operations to collect information it once had.  The loss of five-year old information could also adversely impact the spotting, assessing, recruiting, and running of human sources. [my emphasis]

This is how Eatinger introduces Congress’ role in requiring CIA to destroy data after five years: to blame them for limiting the CIA’s ability to sit on bulk data on Americans and foreigners for 25 years. To his credit, Eatinger does describe Congress as “the right body” to “impose” a “single retention period … on the entire intelligence community.” Given his direct attacks on Congressional oversight of the torture program, though, I wonder precisely in what spirit he intended this comment.

In any case, Eatinger also emphasizes that CIA doesn’t have to abide by this “single retention period …  imposed on the entire intelligence community.” After suggesting that some agencies might be able to abide by the Congressional mandate, he asserts unnamed other agencies may not be able to.

Some intelligence entities likely could accomplish their mission and destroy unevaluated information in less than five years.  Others may need to retain information longer than five years.

He then notes that Congress has given agencies an out.

Congress has provided that intelligence agency heads may retain information longer than five years if the head determines a longer retention “is necessary to protect the national security of the United States” and certifies in writing to the intelligence committees the reasons for that determination, the new retention period, the particular information to be retained; and the measures that will be taken to protect the privacy interests of U.S. persons and persons located inside the United States.

That out is laid out in CIA’s procedures at, but rather than stating the intelligence committees must get notice, the section says only that, “Upon such extension, the [CIA Director] shall complete any notifications required by statute, Executive Order, or other Presidential decree” which, given the way the Bush Administration ignored FISA based on Presidential decree, doesn’t inspire confidence that Congress would get the notice mandated under Section 309.

In any case, we have reason to believe the CIA is just one month into receiving an expanded firehose of data, including a great deal of data on Americans. And Eatinger sure seems to suggest the CIA may never give the data obtained via that firehose up.

Ninth Circuit Trims Executive’s Expansive Claims to Be Able Pixie Dust Executive Orders

As you’ve surely heard, the Ninth Circuit handed President Trump a huge loss last night, refusing to overturn the nationwide stay on his Muslim ban. The per curium opinion is particularly strong in asserting that courts do have the ability to review Presidential orders, even those that pertain to national security.

But there’s another part of the opinion I’m particularly interested in, because if it is not reversed, it creates a very important new limit on what the President can do with EOs.

One of the problems Trump created for himself was targeting Green Card holders — lawful permanent residents. That’s because LPRs have long term relations with the country and are accorded constitutional protections, both within and outside of the US. So long as LPRs remain affected by the EO, it will be legally problematic, at least as it pertains to them.

The Administration tried to undo that damage by having the White House Counsel, Don McGahn, write guidance on how to interpret the EO, basically stopping its application to LPRs. Within the hearing, the attorney representing the states noted that the Administration’s stance toward LPRs had changed about five times. But it was clear the judges were also unimpressed with changes the WHCO, as opposed to the President, made to an EO.

Here’s where they rule that a WHCO can’t just change an EO with policy guidance.

The Government has argued that, even if lawful permanent residents have due process rights, the States’ challenge to section 3(c) based on its application to lawful permanent residents is moot because several days after the Executive Order was issued, White House counsel Donald F. McGahn II issued “[a]uthoritative [g]uidance” stating that sections 3(c) and 3(e) of the Executive Order do not apply to lawful permanent residents. At this point, however, we cannot rely upon the Government’s contention that the Executive Order no longer applies to lawful permanent residents. The Government has offered no authority establishing that the White House counsel is empowered to issue an amended order superseding the Executive Order signed by the President and now challenged by the States, and that proposition seems unlikely.

Nor has the Government established that the White House counsel’s interpretation of the Executive Order is binding on all executive branch officials responsible for enforcing the Executive Order. The White House counsel is not the President, and he is not known to be in the chain of command for any of the Executive Departments. Moreover, in light of the Government’s shifting interpretations of the Executive Order, we cannot say that the current interpretation by White House counsel, even if authoritative and binding, will persist past the immediate stage of these proceedings. On this record, therefore, we cannot conclude that the Government has shown that it is “absolutely clear that the allegedly wrongful behavior could not reasonably be expected to recur.” Friends of the Earth, Inc., v. Laidlaw Envtl. Servs., Inc., 528 U.S. 167, 189 (2000) (emphasis added).

In short, they’re arguing that to make the EO legal with respect to LPRs, the President himself is going to have to change the EO, not McGahn.

As most longtime readers know, I’m obsessed by the way that John Yoo pixie dusted EO 12333 by basically saying the President doesn’t have to modify an EO he is blowing off, by blowing it off he is simply modifying it. In a 2001 opinion (and a 2002 letter to the FISC) he wrote,

[T]here is no constitutional requirement that a President issue a new executive order whenever he wishes to depart from the terms of previous executive order. In exercising his constitutional or delegated statutory powers, the President often must issue instructions to his subordinates in the executive branch, which takes the form of an executive order. An executive order does not commit the President himself to a certain course of action. Rather than “violate” an executive order, the President in authorizing a departure from an executive order has instead modified or waived it.

George Bush used that ruling to be able to disseminate Stellar Wind data even though his EO said you could not disseminate SIGINT.

While this ruling does not directly affect that interpretation, it does suggest that only a President can alter an EO (or, alternately, he must first confirm that someone else modifying it has been delegated the authority to do so). So while it doesn’t entirely shut down the possibility of further pixie dusting, it does make such things harder. It does give people reason to challenge any such changes to an EO.

As I noted the other day, I don’t think John Yoo was so much complaining about Trump’s abuses, as complaining that the way he implemented his abuses might do permanent damage to claims of expansive Executive authority. Let’s hope Trump has already done so by refusing to formally alter an EO his WHCO recognized was vulnerable to legal challenge.

Charles Cooper, Who Sanctioned Delayed Notification of Covert Ops to Congress, Reportedly to Be Solicitor General

Update: According to the Hill, Cooper has withdrawn from consideration.

Yesterday, SCOTUSblog reported that Charles Cooper is likely to be named Trump’s Solicitor General.

Cooper is a close friend of Sen. Jeff Sessions, the Alabama lawmaker whom Trump has nominated to serve as attorney general, and helped to prepare Sessions for his confirmation hearings. Like Sessions, Cooper could prove to be a controversial pick. In addition to his role defending California’s ban on same-sex marriage, Cooper also signed a brief on behalf of the federal government supporting Bob Jones University in its challenge to the constitutionality of an Internal Revenue Service policy denying tax exemptions to religious institutions that discriminate based on race. The university had argued that its ban on interracial dating was based on its sincere religious beliefs, but the Supreme Court upheld the IRS policy, by a vote of 8-1. And in 1986, as the head of the Office of Legal Counsel, Cooper signed an OLC opinion that argued that employers could reject job applicants with AIDS if they were concerned about contracting the disease.

I take this solace out of the fact that a soul mate to Jeff Sessions will be appointed to Solicitor General. In Cooper’s most public recent work, the Prop 8 case, Cooper got his ass handed to him by facts and law. If he were to argue as poorly for Trump’s policies, it might help the courts keep the President’s excesses under check.

That said, there are things I’m gravely concerned about, with regards to the Cooper pick. I’m trying to figure out whether he is the author of the OLC memo stating that a President can ignore his own Executive Orders, the original pixie dust opinion.

But he is definitely the author of this Iran-Contra related opinion, stating that the President can delay notification on covert ops to Congress.

Section 501(b) of the National Security Act of 1947 must be interpreted in the light of § 501 as a whole and in light of the President’s broad and independent constitutional authority to conduct foreign policy. The requirement that the President inform certain congressional committees “in a timely fashion” of a foreign intelligence operation as to which those committees were not given prior notice should be read to leave the President with discretion to postpone informing the committees until he determines that the success of the operation will not be jeopardized thereby. Because the recent contacts with elements of the Iranian government could reasonably have been thought to require the utmost secrecy, the President was justified in withholding § 501(b) notification during the ongoing effort to cultivate those individuals and seek their aid in promoting the interests of the United States.

Effectively, Cooper came in, after the fact, and said it was no big deal that Ronald Reagan didn’t tell Congress he was negotiating with a sworn enemy of the United States to get around funding restrictions they had put into place. The opinion has been used since to keep Congress in the dark about things it should know — including, ironically, some of Obama’s negotiations with Iran.

Hawks should be most concerned, however, that Trump would use this to free Mike Flynn to negotiate with Russia and Syria without notice to Congress. Me, I’d be more worried that it would be used (again) to hide a torture program from Congress.

The Ironies of the EO 12333 Sharing Expansion for Obama and Trump

In one of his first acts as leader of the Democratic party in 2008, Barack Obama flipped his position on telecom immunity under FISA Amendments Act, which cleared the way for its passage. That was a key step in the legalization of the Stellar Wind dragnet illegally launched by George Bush in 2001, the normalization of turnkey surveillance of the rest of the world, surveillance that has also exposed countless Americans to warrantless surveillance.

Bookends of the Constitutional law president’s tenure: codifying and expanding Stellar Wind

So it is ironic that, with one of his final acts as President, Obama completed the process of normalizing and expanding Stellar Wind with the expansion of EO 12333 information sharing.

As I laid out some weeks ago, on January 3, Loretta Lynch signed procedures that permit the NSA to share its data with any of America’s other 16 intelligence agencies. This gives CIA direct access to NSA data, including on Americans. It gives all agencies who jump through some hoops that ability to access US person metadata available overseas for the kind of analysis allegedly shut down under USA Freedom Act, with far fewer limits in place than existed under the old Section 215 dragnet exposed by Edward Snowden.

And it did so just as an obvious authoritarian took over the White House.

I’ve was at a privacy conference in Europe this week (which is my partial explanation for being AWOL all week), and no one there, American or European, could understand why the Obama Administration would give Trump such powerful tools.

About the only one who has tried to explain it is former NSA lawyer Susan Hennessey in this Atlantic interview.

12333 is not constrained by statute; it’s constrained by executive order. In theory, a president could change an executive order—that’s within his constitutional power. It’s not as easy as just a pen stroke, but it’s theoretically possible.


When they were in rewrites, they were sort of vulnerable. There was the possibility that an incoming administration would say, “Hey! While you’re in the process of rewriting, let’s go ahead and adjust some of the domestic protections.” And I think a reasonable observer might assume that while the protections the Obama administration was interested in putting into place increased privacy protections—or at the very least did not reduce them—that the incoming administration has indicated that they are less inclined to be less protective of privacy and civil liberties. So I think it is a good sign that these procedures have been finalized, in part because it’s so hard to change procedures once they’re finalized.


I think the bottom line is that it’s comforting to a large national-security community that these are procedures that are signed off by Director of National Intelligence James Clapper and Attorney General Loretta Lynch, and not by the DNI and attorney general that will ultimately be confirmed under the Trump Administration.

Hennessey’s assurances ring hollow. That’s true, first of all, because it is actually easier to change an EO — and EO 12333 specifically — than “a pen stroke.” We know that because John Yoo did just that, in authorizing Stellar Wind, when he eliminated restrictions on SIGINT sharing without amending EO 12333 at all. “An executive order cannot limit a President,” Yoo wrote in the 2001 memo authorizing Stellar Wind. “There is no constitutional requirement for a President to issue a new executive order whenever he wishes to depart from the terms of a previous executive order. Rather than violate an executive order, the President has instead modified or waived it.” And so it was that the NSA shared Stellar Wind data with CIA, in violation of the plain language of EO 12333 Section 2.3, until that sharing was constrained in 2004.

Yes, in 2008, the Bush Administration finally changed the language of 2.3 to reflect the SIGINT sharing it had started to resume in 2007-2008. Yes, this year the Obama Administration finally made public these guidelines that govern that sharing. But recent history shows that no one should take comfort that EOs can bind a president. They cannot. The Executive has never formally retracted that part of the 2001 opinion, which in any case relies on a 1986 OLC opinion on Iran-Contra arguing largely the same thing.

No statutorily independent oversight over vastly expanded information sharing

Which brings us to whether the EO sharing procedures, as released, might bind Trump anymore than EO 12333 bound Bush in 2001.

In general, the sharing procedures are not even as stringent as other surveillance documents from the Obama Administration. The utter lack of any reasonable oversight is best embodied, in my opinion, by the oversight built into the procedures. A key cog in that oversight is the Department of National Intelligence’s Privacy and Civil Liberties Officer — long inhabited by a guy, Alex Joel, who had no problem with Stellar Wind. That role will lead reviews of the implementation of this data sharing. In addition to DNI’s PCLO, NSA’s PCLO will have a review role, along with the General Counsels of the agencies in question, and in some limited areas (such as Attorney Client communications), so will DOJ’s National Security Division head.

What the oversight of these new sharing procedures does not include is any statutorily independent position, someone independently confirmed by the Senate who can decide what to investigate on her own. Notably, there is not a single reference to Inspectors General in these procedures, even where other surveillance programs rely heavily on IGs for oversight.

There is abundant reason to believe that the PATRIOT Act phone and Internet dragnets violated the restrictions imposed by the FISA Court for years in part because NSA’s IG’s suggestions were ignored, and it wasn’t until, in 2009, the FISC mandated NSA’s IG review the Internet dragnet that NSA’s GC “discovered” that every single record ingested under the program violated FISC’s rules after having not discovered that fact in 25 previous spot checks. In the past, then, internal oversight of surveillance has primarily come when IGs had the independence to actually review the programs.

Of course, there won’t be any FISC review here, so it’s not even clear whether explicit IG oversight of the sharing would be enough, but it would be far more than what the procedures require.

I’d add that the Privacy and Civil Liberties Oversight Board, which provided key insight into the Section 215 and 702 programs, also has no role — except that PCLOB is for all intents and purposes defunct at this point, and there’s no reason to believe it’ll become operational under Trump.

Obama vastly expanded information sharing with these procedures without implementing the most obvious and necessary oversight over that sharing, statutorily independent oversight.

Limits on using the dragnet to affect political processes

There is just one limit in the new procedures that I think will have any effect whatsoever — but I think Trump may have already moved to undercut it.

The procedures explicitly prohibit what everyone should be terrified about under Trump — that he’ll use this dragnet to persecute his political enemies. Here’s that that prohibition looks like.

Any IC element that obtains access to raw SIGINT under these Procedures will:


Political process in the United States. Not engage in any intelligence activity authorized by these Procedures, including disseminations to the White House, for the purpose of affecting the political process in the United States. The IC element will comply with the guidance applicable to NSA regarding the application of this prohibition. Questions about whether a particular activity falls within this prohibition will be resolved in consultation with the element’s legal counsel and the General Counsel of the Office of the Director of National Intelligence (ODNI) (and the DoD’s Office of the General Counsel in the case of a DoD IC element).

If you need to say the IC should not share data with the White House for purposes of affecting the political process, maybe your info sharing procedures are too dangerous?

Anyway, among the long list of things the IC is not supposed to do, this is the only one that I think is so clear that it would likely elicit leaks if it were violated (though obviously that sharing would have to be discovered by someone inclined to leak).

All that said, note who is in charge of determining whether something constitutes affecting political processes? The IC agency’s and ODNI’s General Counsel (the latter position is vacant right now). Given that the Director of National Intelligence is one of the positions that just got excluded from de facto participation in Trump’s National Security Council (in any case, Republican Senator Dan Coats has been picked for that position, which isn’t exactly someone you can trust to protect Democratic or even democratic interests), it would be fairly easy to hide even more significant persecution of political opponents.

FBI and CIA’s expanded access to Russian counterintelligence information

There is, however, one aspect of these sharing guidelines that may have work to limit Trump’s power.

In the procedures, the conditions on page 7 and 8 under which an American can be spied on under EO 12333 are partially redacted. But the language on page 11 (and in some other parallel regulations) make it clear one purpose under which such surveillance would be acceptable, as in this passage.

Communications solely between U.S. persons inadvertently retrieved during the selection of foreign communications will be destroyed upon recognition, except:

When the communication contains significant foreign intelligence or counterintelligence, the head of the recipient IC element may waive the destruction requirement and subsequently notify the DIRNSA and NSA’s OGC;

Under these procedures generally, communications between an American and a foreigner can be read. But communications between Americans must be destroyed except if there is significant foreign intelligence or counterintelligence focus. This EO 12333 sharing will be used not just to spy on foreigners, but also to identify counterintelligence threats (which would presumably include leaks but especially would focus on Americans serving as spies for foreign governments) within the US.

Understand: On January 3, 2017, amid heated discussions of the Russian hack of the DNC and public reporting that at least four of Trump’s close associates may have had inappropriate conversations with Russia, conversations that may be inaccessible under FISA’s probable cause standard, Loretta Lynch signed an order permitting the bulk sharing of data to (in part) find counterintelligence threats in the US.

This makes at least five years of information collected on Russian targets available, with few limits, to both the CIA and FBI. So long as the CIA or FBI were to tell DIRNSA or NSA’s OGC they were doing so, they could even keep conversations between Americans identified “incidentally” in this data.

I still don’t think giving the CIA and FBI (and 14 other agencies) access to NSA’s bulk SIGINT data with so little oversight is prudent.

But one of the only beneficial aspects of such sharing might be if, before Trump inevitably uses bulk SIGINT data to persecute his political enemies, CIA and FBI use such bulk data to chase down any Russian spies that may have had a role in defeating Hillary Clinton.

The Problems with Pompeo: A Willingness to Use Information on Americans Russia Hacked and Shared with Trump

On Friday, the Senate confirmed the first two of President Trump’s nominees: Generals Mattis and Kelly to run DOD and DHS, respectfully. But it did not confirm the third nominee slotted for that day, Mike Pompeo. In part because the nomination was not dealt with in regular fashion in the Senate Intelligence Committee (which did not vote out his nomination), Ron Wyden managed to force Mitch McConnell to hold 6 hours of debate tomorrow on his nomination.

Wyden has suggested we need to have more debate because Pompeo hasn’t answered all the questions posed to him. And it is true that Wyden has concerns about the following issues. But perhaps most of all, Wyden’s questions suggest he is concerned that the Trump administration will use information the Russians hacked against Americans.

In follow-up questions posed to Pompeo, Wyden expressed concern about Pompeo’s:

  • Enthusiasm for using bulk collections of “lifestyle” information on Americans
  • Willingness to have the CIA engage in activities the Ambassador or other Chief of Mission disagrees with
  • Squirminess about when the CIA can kill a US person
  • Dodginess on classifying torture information that reveals illegal, embarrassing, competitive, or otherwise unclassified information

But as I said, Wyden’s chief concern appears that Pompeo will use information the Russians have or will give the Trump administration against Americans.

Enthusiasm for using bulk collections of “lifestyle” information on Americans

A big point of concern for Wyden and Martin Heinrich throughout Pompeo’s confirmation process is this op-ed he wrote at the beginning of last year. Based in part on the fact that the intelligence community didn’t find the Tashfeen Malik’s anti-American statements on non-public social media, and in part on the demonstrably false claim that the IC didn’t find the Garland attackers beforehand (in reality, the FBI was cheering them on), Pompeo argued we need to collect still more data. “Congress should pass a law re-establishing collection of all metadata, and combining it with publicly available financial and lifestyle information into a comprehensive, searchable database,” he wrote.

Pompeo has dodged questions about precisely what “lifestyle” information he wants to collect — though it surely includes Twitter’s firehose of data from Dataminr. Sadly, he repeatedly pointed to executive orders in his answers, and the new EO 12333 sharing rules permit the access of “public” information, which can include information from data brokers (though Pompeo claims ignorance of what he might want to use). So while Wyden is concerned that Pompeo will start dragnetting Americans, sadly he has been enabled to do so by one of the last things Obama did.

Willingness to have the CIA engage in activities the Ambassador or other Chief of Mission disagrees with

Another concern Wyden raised pertains to disagreements between the Chief of Mission (the top diplomat in a country) and the CIA Station Chief. This has been an issue in the past at least as it pertains to drone strikes in Pakistan and the torture program, where the Ambassador was either not informed or not properly consulted on CIA activities within a country.

When asked a yes or no question whether he would permit CIA to conduct activities even while an outstanding disagreement remained, Pompeo refused to answer, stating instead that he would seek an expeditious decision from the President. Effectively, he suggested if he were losing a disagreement with State, he’d get Trump to override State.

Squirminess about when the CIA can kill a US person

Wyden, who has long sought guidelines on when the US can kill an American citizen, returned to pre-hearing questions on this topic. After citing the Drone Rule Book requirement that DOJ be involved before taking action against a US person, he asked whether Pompeo agreed with the requirement. Pompeo basically said the US “must consider an American citizen’s constitutional rights prior to targeting him” and “CIA attorneys frequently consult with” DOJ (though left open the possibility of relying on less formal analysis). Ultimately, Pompeo dodged laying out any additional checks he’d following before killing an American.

Dodginess on classifying torture information that reveals illegal, embarrassing, competitive, or otherwise unclassified information

Wyden asked Pompeo if he disagreed with the prohibitions on classifying information to “(1) conceal violations of law, inefficiency, or administrative error; (2) prevent embarrassment to a person, organization, or agency; (3) restrain  competition; or ( 4) prevent or delay the release of information that does not require protection in the interest of national security,” prohibitions that existed in Clinton’s, George W. Bush’s, and Obama’s EOs on classified information. Pompeo said he did not. However, immediately in that context, Wyden asked about the Torture Report, and Pompeo dodged all questions about declassifying the torture report.

Willingness to use information obtained by Russians hacking Americans

But as I said, Wyden’s persistent concerns in his post-hearing questions pertained to whether and how Pompeo would be willing to cooperate with the Russians. Raising a Pompeo hearing comment that if a foreign partner gave the CIA information on US persons “independently,” “it may be appropriate of CIA to collect [that] information in bulk,” Wyden raised Trump’s encouragement of Russian hacking and asked what circumstances would make foreign collection so improper that CIA should not receive such information. Pompeo responded, “information obtained through such egregious conduct may be appropriate for the CIA to use or disseminate.”

Wyden then listed out a bunch of conditions, such as information coming from an adversary, to disrupt US democracy, information implicating First Amendment protected political activity, or information affecting thousands or millions of Americans. “The listed conditions could all be relevant,” Pompeo responded, remaining non-committal.

Wyden raised a Pompeo comment suggesting rules for accessing US person communications under EO 12333 and asked if that was true of information known to include significant US person information. Pompeo said he would consult experts and AGG guidelines (which, arguably, are this flexible).

Wyden raised Pompeo’s promise to expand intelligence cooperation with state and non-state partners, and asked specifically whether this included Russia, and if so how Pompeo planned on dealing with the counterintelligence risks of doing so. Pompeo said he as not referring to “any specific partners,” said, “CIA already has a strong counterintelligence program,” and said anything he did would comply with law and standard practices and be noticed to Congress.

Wyden then asked if “it is legal or appropriate for the White House to obtain from a foreign partner…information that includes the communications of U.S. persons” and if he learned that they were doing so, whether he would inform Congress of it. Pompeo responded “I am not aware of a DCIA role in supervising White House activities or providing legal counsel to the White House on its activities,” apparently committing only to informing Congress of CIA’s own activities.

In short, there are a lot of reasons to be worried about Pompeo as Director of CIA. But Wyden seems most worried that CIA (and the White House) will use information Russia gives them against American citizens.

FISA Is Not a Magic Word

The NYT had an article yesterday reporting on investigations into three (not four) of Donald Trump’s associates. The lead explains that authorities are reviewing “intercepted communications” in an investigation.

American law enforcement and intelligence agencies are examining intercepted communications and financial transactions as part of a broad investigation into possible links between Russian officials and associates of President-elect Donald J. Trump, including his former campaign chairman Paul Manafort, current and former senior American officials said.

The article differs from many of the reports on investigations into Trump because it is not so breathless and shows far more understanding of how DOJ works. Sadly, most readers appear not to have gotten this far into the story, which admits it’s not even clear whether the investigation is primarily about ties between Trump and the DNC hack.

It is not clear whether the intercepted communications had anything to do with Mr. Trump’s campaign, or Mr. Trump himself. It is also unclear whether the inquiry has anything to do with an investigation into the hacking of the Democratic National Committee’s computers and other attempts to disrupt the elections in November.

A number of people, including — bizarrely! — former DHS Assistant Secretary for Intergovernmental Affairs Juliette Kayyem have asked why the NYT article doesn’t mention FISA.

Great piece. Honest ? Is there reason why it doesn’t mention word FISA? I don’t know other ways to intercept comms.

Kayyem asks that, even about an article that partially raises another — the most common — way intercepts get done: by targeting foreigners.

The counterintelligence investigation centers at least in part on the business dealings that some of the president-elect’s past and present advisers have had with Russia. Mr. Manafort has done business in Ukraine and Russia. Some of his contacts there were under surveillance by the National Security Agency for suspected links to Russia’s Federal Security Service, one of the officials said.

The Russians alleged to have bought off Manafort, and the Russians alleged to have hacked the DNC are all legal targets without a FISA order (unless they’re targeting in the US, and even then, in some cases you wouldn’t need a FISA order). But these people are described as Russians and Ukrainians in Europe, so no FISA order needed. Moreover, the BBC article that started this line of reporting made clear the investigation arises from an intercept from a Baltic ally. Even if the US did the spying, foreign targets could be collected on under EO 12333 or under Section 702 of FISA without an individual order, and the Manafort sides of those conversations would be read. Indeed, those communications would be read precisely because a US person was having conversations with targets of interest.

So to review, here are the ways that the government might collect data in this case.

  • As the BBC reported, the US gets intercepts from its foreign partners, and appears to have done so here.
  • For foreign targets like those described, much US surveillance takes place under EO 12333. The NSA is collecting on switches and satellites carrying such communications, and to the extent that they’re not encrypted (or encrypted using technology the NSA has broken) those communications are readily available without a court order.
  • Those foreign targets located in Europe are also legal targets under Section 702. For national security cases (including counterintelligence ones) NSA routinely shares the raw feed off such collection with FBI, and FBI is not only allowed to read both sides of those conversations, but to go back and search for US persons in them without any suspicion of wrong-doing.
  • This counterintelligence investigation is primarily about money changing hands. That’s Treasury’s job, and its methods of coercion for collecting information don’t usually involve courts. Banks are obliged to hand over certain kinds of suspicious transfers in any case. Treasury also gets to go to SWIFT and get what it wants. That’s not an “intercept” in the traditional sense, but is likely a key piece of evidence in this case.

The issue, then, is when someone like Manafort becomes the target of the investigation and/or when Russians in the US (but not exclusively at an Embassy) are targeted. In that case, the following might explain intercepts.

  • In some respects, Manafort’s behavior reeks of classic influence peddling, a lobbyist gone wrong. To the extent that’s the case, it might be investigated under regular criminal law with pretty much the same secrecy that FISA will give you (especially given that multiple sources are leaking like sieves about FISA orders now). So FBI could have obtained a criminal warrant targeting Manafort’s communications.
  • To target Manafort anywhere in the world, the FBI/NSA would need a FISA order. Domestically, that’d be a traditional order(s). Given the overseas connection, they’d likely get a 705b order, allowing them to keep spying if Manafort were to leave the country.
  • To target Russians who are in the country but not at the Russian embassy, the government would need a FISA order.

To be sure, there were earlier reports that FBI asked for FISA orders in June and July, finally obtaining one (not three) in October. Even there, the original BBC report suggested the Americans were not the primary targets, but foreign targets, though it misstates who could actually be targeted (and seems to think Russian banks would require a FISA order).

Lawyers from the National Security Division in the Department of Justice then drew up an application. They took it to the secret US court that deals with intelligence, the Fisa court, named after the Foreign Intelligence Surveillance Act. They wanted permission to intercept the electronic records from two Russian banks.

Their first application, in June, was rejected outright by the judge. They returned with a more narrowly drawn order in July and were rejected again. Finally, before a new judge, the order was granted, on 15 October, three weeks before election day.

Neither Mr Trump nor his associates are named in the Fisa order, which would only cover foreign citizens or foreign entities – in this case the Russian banks

A more recent, but breathless, version of the story originally misstated the standard for FISA, but does get closer to suggesting Trump’s associates are the targets.

Note that in one place NYT refers to “investigations” plural.

The F.B.I. is leading the investigations, aided by the National Security Agency, the C.I.A. and the Treasury Department’s financial crimes unit.

It is possible that there are separate investigation(s), one targeting Manafort for clear influence peddling, another targeting Roger Stone for apparent involvement in the hand-off of DNC documents to Wikileaks, and a third for corrupt business dealings on the part of Carter Page. It is also possible that such independent investigations could converge on the election, if what the Trump dossier claims is true. It is further possible that if all of those investigations converged into one election-related investigation, there’d still be no way to prove Trump knew of Russian involvement; right now, only his associates have been “targeted,” to the extent even that has occurred. (Roger Stone, of course, is an old hand at giving the President plausible deniability about the rat-fucking done in his name.)

Finally, there’s one more (delicious) detail most people have missed. Just last week the intelligence community rolled out its new EO 12333 sharing guidelines. I suspect such guidelines were in place between FBI and NSA before then; for a variety of reasons I think they may have been sharing such data since … September. But as I’ll show in a follow-up, one very clear objective for the expanded EO 12333 sharing is to give FBI (and CIA) direct access to raw EO 12333 collected information for counterintelligence purposes. That means all those intercepts on Russian and Ukrainian people talking to Manafort, going back over a year? At least as of January 3, the FBI (and CIA) can have those, including Manafort’s side of the conversation, in raw form.

One-Fifth of Documents Edward Snowden Stole Were Blank

Charlie Savage has a great review in the New Yorker, pitting Oliver Stone’s Snowden movie against Edward Jay Epstein’s book (and astutely noting that these two have battled before over JFK history, which presumably explains the use of “Soviet” in the title).

In it, he addresses something fact-based commentators have had to deal with over and over: the claim Snowden stole 1.5 million documents.

Another complication for judging Snowden’s actions is that we do not know how many and which documents he took. Investigators determined only that he “touched” about 1.5 million files—essentially those that were indexed by a search program he used to trawl NSA servers. Many of those files are said to pertain to military and intelligence tools and activities that did not bear on the protection of individual privacy. Snowden’s skeptics assume that he stole every such file. His supporters assume that he did not. In any case they believe his statements that after giving certain NSA archives to the journalists in Hong Kong, he destroyed his hard drives and brought no files to Russia.

But it’s time, once and for all, to reject this frame entirely.

That’s true for several reasons. First, as the House Intelligence Report on Snowden discloses, the Intelligence Community actually has two different counts of what documents Snowden “took.” The 1.5 million number comes from Defense Intelligence Agency.

The IC more generally, though, has a different (undisclosed) number, based off three tiers of damage assessment: those documents that had been released to the public by August 31, 2015, those documents that, “based on forensic analysis, Snowden would have collected in the course of collecting [the documents already released], but have not yet been disclosed to the public.” (PDF 29) The IC believes these documents are in the hands of Glenn Greenwald and Laura Poitras and Bart Gellman. The last tier consists of documents that Snowden accessed in some way. The rest of the description of this category is redacted, but the logic involved in the section suggests the IC has good reason to question whether the third tier ever got delivered to journalists.

By May 2016 (much to HPSCI’s apparent chagrin), the IC had stopped doing damage assessment on documents not released the public, which strongly suggests they believed Russia and other adversaries hadn’t and probably wouldn’t obtain them, which in turn suggests the IC either believes the journalists’ operational security is adequate against Russia and China and/or the documents have already been destroyed and certainly didn’t go with Snowden to Russia and get delivered to Vladimir Putin.

Particularly given the later date for the IC assessment, I’d suggest the IC likely has listened for years for signs the wider universe of documents has been released, and have found no sign the documents have. Otherwise they’d be doing a damage assessment on them.

But the 1.5 million number is problematic for two more reasons. First, as Jason Leopold reported in 2015, the 1.5 million number comes from a period when HPSCI was actively soliciting dirt on Snowden that they could (and did) leak to the press. It was designed to be as damning as possible And, as I added at the time, the number also came at a time when Congress was scrambling to give DOD more money to deal with mitigation of Snowden’s leak. In other words, for several reasons Congress was asking the IC to give it the biggest possible number.

But there’s another problem with the 1.5 million number, revealed in the HPSCI report released last month. The 1.5 million isn’t actually all the documents Snowden is known to have touched, or even downloaded. Rather, it is all the documents he touched and downloaded, less some 374,000 “blank documents Snowden downloaded from the Department of the Army Intelligence Information Service (DAIIS) Message Processing System.”

So the real number of documents that Snowden “touched” is almost 1.9 million. But in coming up with its most inflammatory number, DIA eliminated the almost 20% of the documents that it had determined were blank.

But consider what that tacitly admits. It admits that one-fifth of the documents that Snowden not just touched, but actually downloaded, were absolutely useless for the purposes of leaking, because they were blank. But if Snowden downloaded 374,000 blank documents, it is proof he downloaded a bunch things he didn’t intend to leak.

Of course, fear-mongering about Snowden wandering the world with 374,000 blank documents risks making someone look crazy. So maybe that’s the reason the Snowden skeptics have chosen to edit their number down, even while doing so is tacit admission they know he “touched” a lot of things he had no intention of leaking.

If Edward Jay Epstein wants to write the definitive screed against Snowden, he should adopt, instead, that 1.9 million number. But in so doing, he should also admit he’s raising concerns about Snowden leaking blank documents.