FISA Archives - Page 132 of 179

Latest StuxNet Incarnation Resembles Alleged Project of Murdered GCHQ Officer

August 11, 2012/9 Comments/in Cybersecurity, FISA /by emptywheel

Kaspersky Labs has found a new incarnation of StuxNet malware, which they’ve called Gauss. As Wired summarizes, the malware is focused geographically on Lebanon and has targeted banks.

A newly uncovered espionage tool, apparently designed by the same people behind the state-sponsored Flame malware that infiltrated machines in Iran, has been found infecting systems in other countries in the Middle East, according to researchers.

The malware, which steals system information but also has a mysterious payload that could be destructive against critical infrastructure, has been found infecting at least 2,500 machines, most of them in Lebanon, according to Russia-based security firm Kaspersky Lab, which discovered the malware in June and published an extensive analysis of it on Thursday.

The spyware, dubbed Gauss after a name found in one of its main files, also has a module that targets bank accounts in order to capture login credentials. The malware targets accounts at several banks in Lebanon, including the Bank of Beirut, EBLF, BlomBank, ByblosBank, FransaBank and Credit Libanais. It also targets customers of Citibank and PayPal.

I find that interesting for a number of reasons. First, every time banks have squawked about our government’s access of SWIFT to track terrorist financing, the spooks have said if they don’t use SWIFT they’ll access the information via other means; it appears this malware may be just that. And the focus on Lebanon fits, too, given the increasing US claims about Hezbollah money laundering in the time since Gauss was launched. I’m even struck by the coincidence of Gauss’ creation last summer around the same time that John Ashcroft was going through the Lebanese Canadian Bank to find any evidence of money laundering rather than–as happens with US and European banks–crafting a settlement. I would imagine how that kind of access to a bank would give you some hints about how to build malware.

But the other thing the malware made me think of, almost immediately, was the (I thought) bogus excuse some British spooks offered last summer to explain the murder of Gareth Williams, the GCHQ officer–who had worked closely with NSA–who was found dead in a gym bag in his flat in August 2010. Williams was murdered, the Daily Mail claimed, because he was working on a way to track the money laundering of the Russian mob.

The MI6 agent found dead in a holdall at his London flat was working on secret technology to target Russian criminal gangs who launder stolen money through Britain.

[snip]

But now security sources say Williams, who was on secondment to MI6 from the Government’s eavesdropping centre GCHQ, was working on equipment that tracked the flow of money from Russia to Europe.

The technology enabled MI6 agents to follow the money trails from bank accounts in Russia to criminal European gangs via internet and wire transfers, said the source.

‘He was involved in a very sensitive project with the highest security clearance. He was not an agent doing surveillance, but was very much part of the team, working on the technology side, devising stuff like software,’ said the source.

He added: ‘A knock-on effect of this technology would be that a number of criminal groups in Russia would be disrupted.

‘Some of these powerful criminal networks have links with, and employ, former KGB agents who can track down people like Williams.’

Frankly, I always thought that explanation was bogus–I suggested that the Brits could just partner with the US to access such data via SWIFT. And whatever it means, I haven’t seen such an explanation since.

But I do find it rather interesting that one of the most prominent unsolved murders of a spook was blamed–at around the time the StuxNet people were working on Gauss–on a plan to track money laundering.

Dick Durbin: The Targeted Killing Memo Is Like the Torture and Illegal Wiretap Memos

August 10, 2012/13 Comments/in Drones, FISA, state secrets, Torture, Unitary Executive /by emptywheel

It took transcribing the debate in the July 19 Senate Judiciary Committee hearing for me to realize it, but Democrats are running very serious interference to keep the Anwar al-Awlaki targeted killing memo secret. Not only did Dianne Feinstein basically roll John Cornyn, telling him she’d introduce language that would accomplish his goal of getting all the oversight committees the memo when, if hers passes, it will only, maybe, get the Intelligence Committee the memo. Not only did the Democrats vote on a party line vote to table John Cornyn’s amendment to require the Administration to share it–in classified or unclassified form–with the Judiciary and Armed Services Committees. Not only did Pat Leahy get pretty snippy with Cornyn for offering–and asking to speak on–the Amendment.

Most stunning, though, is Dick Durbin’s comment on it.

Durbin: Thank you Mr. Chairman. My staff briefed me of this on the way in, and I asked the basic question, “would I ask this of a Republican President? Of course. And I did ask it, in a different context, of the previous President, when it came to questions of interrogation, torture, and surveillance. I might say to the Senator from Texas I had no support from the other side of the table when I made that request. But I do believe it is a valid inquiry and I would join the Senator from Texas and any who wish in sending a letter to the Attorney General asking for this specific information on a bipartisan basis. And certainly we can raise it the next time the Attorney General appears before us. I do have to say that I’m going to vote to table because I think that as flawed as this [the FAA extension] may be without the Lee Amendment which I think would help it, I do believe we need to pass this and bringing in these other matters are going to jeopardize it. But I think it is a legitimate question to be asked of Presidents of either party, and I will join you in a letter to this President and his Attorney General for that purpose. [my emphasis]

This partisan retort (one Leahy repeated) says, in part, that the Democrats aren’t going to cooperate with Cornyn’s effort to get the memo because Cornyn didn’t cooperate with Durbin’s efforts to get the torture and illegal wiretap memos. Durbin and Leahy are right: Cornyn and the rest of the Republican party did obstruct their efforts.

That doesn’t make obstructing Cornyn’s effort right, of course, particularly given that Durbin purports to support Cornyn’s intent.

But remember, Republicans obstructed the release of the torture and illegal wiretap memos because, well, they showed the Executive had broken the law. When we all got to see the torture memos, they made it clear CIA had lied to DOJ to get authorization for torture, had exceeded the authorizations given to them, had engaged in previously unimagined amounts of torture, and had ignored legal precedent to justify it all.

And while we’ve only ever seen part of Jack Goldsmith’s illegal wiretap memo (after the Bush Administration purportedly fixed the data mining and other illegal problems with it) and a teeny fragment of an earlier John Yoo memo, those showed that Yoo relied on gutting the Fourth Amendment, there is an additional secret memo on information sharing, they were hiding their flouting of the exclusivity provision, and–possibly–the illegal wiretap program violated an earlier decision from the FISA Court of Review. We also learned, through some Sheldon Whitehouse persistence, that these memos revealed the President had been pixie dusting Executive Orders and claiming the right to interpret the law for the Executive Branch.

The Republicans had good reason to want to help Bush bury these memos, because they showed breathtaking efforts on the part of the Bush Administration to evade the law.

And that’s the fight that Dick Durbin analogized this one to.

9th Circuit: No Way to Punish the Government If They Illegally Collect (But Don’t Use) Your Telecommunications

August 7, 2012/10 Comments/in FISA /by emptywheel

As Josh Gerstein just reported, the 9th Circuit has thrown out a decision against the government in the al-Haramain wiretapping suit. While they don’t comment on Judge Vaughn Walker’s judgement that al-Haramain had standing and had proven they had been spied on, the panel ultimately held that for the alleged actions–collecting al-Haramain’s telecommunications–the government has sovereign immunity. Al-Haramain can only sue individuals, not the government.

The ruling sucks for al-Haramain. But it has larger implications. Effectively, the 9th Circuit is saying there’s no way to hold the government accountable for simply collecting your telecommunications illegally; you can only hold them accountable if they use that information in a trial.

It distinguishes those two activities this way, pointing to language that specifically invokes the United States as a defendant in case of 1806 (use in an official proceeding) but not 1810 (collection).

Contrasting § 1810 liability, for which sovereign immunity is not explicitly waived, with § 1806 liability, for which it is, also illuminates congressional purpose. Liability under the two sections, while similar in its reach, is not identical. Section 1806, combined with 18 U.S.C. § 2712, renders the United States liable only for the “use[ ] and disclos[ure]” of information “by Federal officers and employees” in an unlawful manner. Section 1810, by contrast, also creates liability for the actual collection of the information in the first place, targeting “electronic surveillance or . . . disclos[ure] or use[ ]” of that information. (emphasis added). Under this scheme, Al-Haramain can bring a suit for damages against the United States for use of the collected information, but cannot bring suit against the government for collection of the information itself. Cf. ACLU v. NSA, 493 F.3d 644, 671 (6th Cir. 2007) (Lead Opinion of Batchelder, J.) (noting that FISA potentially allows limitless information collection upon issuance of warrant, but limits use and dissemination of information under, inter alia, § 1806(a)). Although such a structure may seem anomalous and even unfair, the policy judgment is one for Congress, not the courts. Also, because governmental liability remains under § 1806, the district court’s concern that FISA relief would become a dead letter is not valid. See In re Nat’l Sec. Agency Telecomms. Records Litig., 564 F. Supp. 2d at 1125.

[snip]

Congress can and did waive sovereign immunity with respect to violations for which it wished to render the United States liable. It deliberately did not waive immunity with respect to § 1810, and the district court erred by imputing an implied waiver. Al Haramain’s suit for damages against the United States may not proceed under § 1810.

Because al-Haramain, at a time when Vaughn Walker was using 1810 to get by the government’s State Secrets invocation, said “it was not proceeding under other sections of FISA,” its existing claim is limited to 1810. The government used the information collected–in a secret process that ended up declaring al-Haramain a terrorist supporter–but not in a trial, and therefore not in a way al-Haramain can easily hold the government liable for.

The implication, of course, is that all the rest of the collection the government engages in–of all of us, not just al-Haramain–also escapes all accountability. So long as the government never uses the information itself–even if the entire rest of their case is based on illegally collected information (as it was in, at a minimum, al-Haramain’s terrorist designation)–a person cannot hold the government itself responsible.

The people who can be held accountable? The non-governmental or non law enforcement persons who conduct the surveillance.

But of course, they–the telecoms–have already been granted immunity.

It’s Not Just Whether Nidal Hasan’s Emails Stuck Out, It’s Whether Abdulmutallab’s Did

August 6, 2012/6 Comments/in FISA, Fusion Centers, Intelligence /by emptywheel

I’ve been meaning to return to the Webster report on Nidal Hasan’s conversations with Anwar al-Awlaki. This conversation between Gunpowder & Lead and Intelwire about how alarming those emails were will be a start provides a good place to start.

Hasan’s emails should have raised more concern–but probably didn’t because of the sheer volume of Awlaki intercepts

G&L notes that certain details from the emails–such as his invocation of Hasan Akbar, a Muslim-American soldier who killed two officers in Kuwait–as an example that should have raised more concern than it did.

But more significant, his question to Awlaki didn’t actually deal with the valid question that he raised, the feeling of inner conflict between one’s faith and serving in the U.S. military. Instead, he leaped right to a question that should rightly trigger alarm: if Hasan Akbar died while attacking fellow soldiers, would he be a martyr? Hasan skipped over questions about whether serving in the U.S. military is religiously acceptable; whether going to war against fellow Muslims is a violation of religious principles. Instead, in addressing “some” soldiers who felt conflicted about fighting fellow Muslims, Hasan right away asked whether it was permissible to kill other U.S. soldiers in the way Hasan Akbar.

After a close analysis of a number of the emails, G&L refutes the representation of these emails as “fairly benign.”

I agree with that assessment (and would add that the suggestion, in a February 22, 2009 email, that Hasan was donating to entities that his mosque would not is another troubling detail). But I also agree with Intelwire. These emails, from an Army officer, surely merited more attention. But these emails, as they likely appeared among the stream of Anwar al-Awlaki communications, probably did not stick out.

Based on who Hasan was (a military officer), who he was talking to (a suspected 9/11 accomplice), and the fact he repeatedly tried to get Awlaki’s attention using a variety of stratagems, the case should have been escalated and Hasan’s superiors should have been informed.

But when you place the content of Hasan’s messages alongside all the other raw intelligence that counterterrorism investigations generate, it’s extremely hard to argue from a subjective, non-psychoanalytical reading that they represented a red flag.

Which is why this report has seemed poorly scoped to me. Because not only did Nidal Hasan’s emails fail to trigger further attention, but Umar Farouk Abdulmutallab’s contacts with Awlaki before Fort Hood did too.

In spite of the fact that the FBI had two people spending a significant chunk of each day (they claimed it took 40% or 3 hours of their work day; 88) reviewing communications tied to Awlaki, in spite of the fact that two men about to attack the US were in contact with Awlaki, “the FBI’s full understanding of Aulaqi’s operational ambitions developed only after the attempted bombing of Northwest Airlines Flight 253 on Christmas Day 2009.” (72)

The government also failed to respond to Abdulmutallab intercepts leading up to the Fort Hood attack

Consider: according to the report itself, Robert Mueller formally asked William Webster to conduct this inquiry on December 17, 2009 (though Webster’s appointment was reported over a week before then). Just 8 days later, another terrorist who had been in contact with Awlaki struck the US. Just 5 days after that, sources started leaking details of NSA intercepts from 4 months earlier (so around August) that might have warned about the attack.

Intelligence intercepts from Yemen beginning in early August, when Abdulmutallab arrived in that country, contained “bits and pieces about where he was, what his plans were, what he was telling people his plans were,” as well as information about planning by the al-Qaeda branch in Yemen, a senior administration official said. “At first blush, not all these things appear to be related” to the 23-year-old Nigerian and the bombing attempt, he said, “but we believe they were.”

It’s unclear how many of these intercepts were directly between Abdulmutallab and Awlaki, and therefore presumably reviewed by the FBI team in San Diego. But at least according to the sentencing materials submitted in the Abdulmutallab case (there are reasons to treat this with a bit of skepticism), there were substantive communications between Awlaki and Abdulmutallab.

Defendant provided this individual [who offered to connect him with Awlaki] with the number for his Yemeni cellular telephone. Thereafter, defendant received a text message from Awlaki telling defendant to call him, which defendant did. Read more →

Using Pensions to “Punish” “Leaks” Will Subject Clearance Holders to Arbitrary Power

August 1, 2012/4 Comments/in CIA Leak Case, FISA, Leak Investigations, Torture, WikiLeaks /by emptywheel

The Senate Intelligence Committee’s new anti-leak laws are the part of the Intelligence Authorization that will generate the most attention. Greg Miller already got Dianne Feinstein to admit there’s no reason to think one of the new provisions–permitting only the most senior intelligence officials to do background briefings–will limit leaks.

Feinstein acknowledged that she knew of no evidence tying those leaks or others to background sessions, which generally deal broadly with analysts’ interpretations of developments overseas and avoid discussions of the operations of the CIA or other spy services.

Another of the provisions–requiring intelligence committee heads to ensure that every sanctioned leak be recorded–ought to be named the Judy Miller and Bob Woodward Insta-Leak Recording Act.

(a) RECORD REQUIREMENT.—The head of each element of the intelligence community shall ensure that such element creates and maintains a record of all authorized disclosures of classified information to media personnel, including any person or entity under contract or other binding agreement with the media to provide analysis or commentary, or to any person or entity if the disclosure is made with the intent or knowledge that such information will be made publicly available.

I’m sure someone can think of some downside to this provision, but I can’t think of it at the moment (which is why Obama will probably find some way to eliminate it). It will end some of the asymmetry and abuse of classification as it currently exists.

In addition, there are a bunch of provisions that are just dumb bureaucracy.

But it’s this one that is deeply troubling. Among the other provisions making nondisclosure agreements more rigorous is a provision that would allow an intelligence community head to take away a person’s pension if they “determine” that an individual violated her nondisclosure agreement.

Read more →

Congress Can’t Legislate Oversight for Fear of Legal Challenges That’d Accomplish Oversight Congress Can’t Legislate

July 31, 2012/6 Comments/in Drones, FISA /by emptywheel

Julian Sanchez has his own rebuttal to former DOJ official Carrie Cordero’s claims that FISA has plenty of oversight (see mine here). You should definitely read it, which is wonky and interesting. But I wanted to add my non-wonky answer to a question Sanchez poses.

I’ll grant Cordero this point: as absurd as it sounds to say “we can’t tell you how many Americans we’re spying on, because it would violate their privacy,” this might well be a concern if those of us who follow these issues from the outside are correct in our surmises about what NSA is doing under FAA authority. The only real restriction the law places on the initial interception of communications is that the NSA use “targeting procedures” designed to capture traffic to or from overseas groups and individuals. There’s an enormous amount of circumstantial evidence to suggest that initial acquisition is therefore extremely broad, with a large percentage of international communications traffic being fed into NSA databases for later querying. If that’s the case, then naturally the tiny subset of communications later reviewed by a human analyst—because they match far narrower criteria for suspicion—is going to be highly unrepresentative. To get even a rough statistical sample of what’s in the larger database, then, one would have to “inspect”—possibly using software—a whole lot of the innocent communications that wouldn’t otherwise ever be analyzed. And possibly the rules currently in place don’t make any allowance for querying the database—even to analyze metadata for the purpose of generating aggregate statistics—unless it’s directly related to an intelligence purpose.

A few points about this. First: assuming, for the moment, that this is the case, why can’t NSA and DOJ say so clearly and publicly?

Sanchez dismisses a bunch of lame excuses that the government might provide. But he doesn’t consider another obvious answer.

The government can’t tell us it can’t tell us how many Americans get spied on after every foreign telecommunication gets sucked up because if it did, then it’d be a lot easier for the plaintiffs in Amnesty v. Clapper to get standing. And the government can’t have that–particularly not before SCOTUS hears the case on October 29–because if so it would allow the plaintiffs to actually challenge the underlying surveillance, and possibly even to challenge what I’ve called the database exception.

So the government can’t answer Ron Wyden’s questions before the FISA Amendments Act gets extended because the government is not about to let this extension wait until after the election, which is, after all, just a week after SCOTUS hears Clapper. And since the House is planning to leave DC for the election on October 5, it means the public simply can’t be told the underlying facts of this spying program, because it’d give Amnesty and the ACLU more than three weeks to figure out how to win their standing case at SCOTUS.

Which brings me to another piece of oversight we can’t have. Read more →

If Everything NSA Does is “Auditable,” Why Can’t NSA Tell Us How Many Americans They’ve Spied On?

July 28, 2012/10 Comments/in FISA /by emptywheel

NSA Director Keith Alexander just said this to the hackers at DefCon (while wearing an absolutely ridiculous hacker costume):

“We get oversight by Congress, both intel committees and their congressional members and their staffs,” he continued, “so everything we do is auditable by them, by the FISA court … and by the administration. And everything we do is accountable to them…. We are overseen by everybody. And I will tell you that those who would want to weave the story that we have millions or hundreds of millions of dossiers on people is absolutely false.”

But a month ago, Alexander’s Inspector General told Ron Wyden that an estimate of the number of people inside the United States who have had their communications collected or reviewed under the FISA Amendments Act “was beyond the capacity of his office.” Of note, the IG and NSA leadership–that is, presumably Alexander himself–claimed such a review would “violate the privacy of U.S. persons.”

I look forward to Ron Wyden’s response to Alexander’s seeming reversal on that earlier letter with claims of this unlimited auditability.

Why Are FAA Boosters Satisfied with Inadequate Oversight?

July 26, 2012/8 Comments/in FISA /by emptywheel

Julian Sanchez hosted a Cato event yesterday that examined surveillance generally and the FISA Amendments Act specifically. At it, Ron Wyden presented his concerns about the FISA Amendments Act and other surveillance, and then ACLU’s Michelle Richardson and NYT’s Eric Lichtblau added their own views.

There was one question asked during the question period claiming that the program undergoes adequate reviews. The questioner was Georgetown’s Director of National Security Studies, Carrie Cordero, who had a role on FISA implementation until 2010, who has now reprised and expanded her comments at Lawfare.

She starts by addressing Wyden’s request that DNI to tell Congress how many Americans have had their communications “collected or reviewed.”

In particular, they have, in a series of letters, requested that the Executive Branch provide an estimate of the number of Americans incidentally intercepted during the course of FAA surveillance. According to the exchanges of letters, the Executive Branch has repeatedly denied the request, on the basis that: i) it would be an unreasonable burden on the workforce (and, presumably, would take intelligence professionals off their national security mission); and ii) gathering the data the senators are requesting would, in and of itself, violate privacy rights of Americans.

The question of whether the data call itself would violate privacy rights is a more interesting one. Multiple oversight personnel independent of the operational and analytical wings of the Intelligence Community – including the Office of Management and Budget, the NSA Inspector General, and just last month, the Inspector General of the Intelligence Community, have all said that the data call requested by the senators is not feasible. The other members of the SSCI appear to accept this claim on its face. Meanwhile, Senator Wyden states he just finds the claim unbelievable. [my emphasis]

Note, first of all, that she mischaracterizes Wyden’s request. He asked about US person communication that had been “collected or reviewed,” whereas she claimed he was asking only about incidental interception. Those are different things, and what Wyden’s interested in is far more invasive than simply having your communications sitting in a data warehouse in UT unread.

That’s important because Cordero treats one aspect of the DNI IG’s response–the privacy claim–as an “interesting question,” but then she proceeds to not answer the question. She instead reverts back to what she had correctly portrayed as NSA’s claim that NSA didn’t have the capacity because it would be “unreasonable burden on the workforce,” then asks why Wyden doesn’t believe that claim.

Remember, the privacy claim was raised solely in terms of whether the NSA’s Inspector General could conduct a review, not whether NSA analysts should be pulled off reviewing intercepts to find out how many of them are Americans. So if that claim is not credible–and ultimately, she doesn’t say it is–then NSA IG’s sole remaining rationale is a manpower one.

Frankly, if it would take that much manpower to come up with an answer, it says the program isn’t being tracked adequately.

Cordero then gets to the jist of a comment she made at the hearing: that there are a bunch of reviews which provide adequate oversight.

Meanwhile, the assertion of today’s program’s title that the FAA enables “mass spying without accountability,” is debunked by the SSCI’s own report issued on June 7. The intelligence committees have been on the receiving end of a mountain of reports describing FAA activities, the FISA Court’s reviews, and the Executive Branch’s own compliance reviews. The SSCI report, and the additional written views of Senator Feinstein (D-CA), the Committee’s Chair, states that the statutorily-mandated reporting requirements “provide the Committee with extensive visibility into the application of…minimization procedures,” and have enabled the Committee to conduct “extensive” and “robust” oversight. The report goes on to detail all of the different categories of reports and briefings that have been provided to the Committee to facilitate their oversight role, in accordance with the National Security Act of 1947, as amended. [my emphasis]

Cordero claims that the SSCI report and DiFi’s additional reviews boast about reporting requirements. But only the word “extensive” appears in the report approved by SSCI as a whole, and it appears to simply repeat language from an appendix Eric Holder and James Clapper provided. The rest comes from this paragraph:

Third, the numerous reporting requirements outlined above provide the Committee with extensive visibility into the application of these minimization procedures and enable the Committee to evaluate the extent to which these procedures are effective in protecting the privacy and civil liberties of U.S. persons. Read more →

FAA Extension: The Data Gaps about Our Data Collection

July 24, 2012/13 Comments/in FISA /by emptywheel

As I noted the other day, part of the point of the language Ron Wyden got declassified the other day seemed to be to call out a misrepresentation in Dianne Feinstein’s Additional Views in the Senate Intelligence Report on the extension of the FISA Amendments Act. DiFi had claimed that “the FISA Court … has repeatedly held that collection carried out pursuant to the Section 702 minimization procedures used by the government is reasonable under the Fourth Amendment.” She neglected to mention that, “on at least one occasion the Foreign Intelligence Surveillance Court held that some collection carried out pursuant to the Section 702 minimization procedures used by the government was unreasonable under the Fourth Amendment.”

But since Wyden pointed back to that language, I wanted to note something else in the paragraph in which DiFi’s misleading claim appears: She suggests there is substantial reporting on the program.

This oversight has included the receipt and examination of over eight assessments and reviews per year concerning the implementation of FAA surveillance authorities, which by law are required to be prepared by the Attorney General, the Director of National Intelligence, the heads of various elements of the intelligence community, and the Inspectors General associated with those elements. In addition, the Committee has received and scrutinized un- redacted copies of every classified opinion of the Foreign Intelligence Surveillance Court (FISA Court) containing a significant construction or interpretation of the law, as well as the pleadings submitted by the Executive Branch to the FISA Court relating to such opinions.

[snip]

Third, the numerous reporting requirements outlined above provide the Committee with extensive visibility into the application of these minimization procedures and enable the Committee to evaluate the extent to which these procedures are effective in protecting the privacy and civil liberties of U.S. persons. [my emphasis]

But in her sentence claiming the FISA Court keeps approving the program, she reveals that the Court is not getting all those reports.

Notably, the FISA Court, which receives many of the same reports available to the Committee, has repeatedly held that collection carried out pursuant to the Section 702 minimization procedures used by the government is reasonable under the Fourth Amendment.

[my emphasis]

The Court receives “many” of the same reports. Which suggests it doesn’t see all of them.

That comment is all the more interesting because of something Pat Leahy said at least week’s Senate Judiciary Committee mark-up of the bill.

Congress has been provided with information related to the implementation of the FISA Amendments Act, along with related documents from the FISA Court. Based on my review of this information, and after a series of classified briefings, I do not believe that there is any evidence that the law has been abused, or that the communications of U.S. persons are being intentionally targeted.

[snip]

My views about the implementation of these surveillance authorities are based on the information we have available now – but there is more that we need to know. For example, important compliance reviews have not yet been completed by the Inspectors General of the Department of Justice or the NSA. Read more →

Ron Wyden to Dianne Feinstein: Pants on Fire

July 20, 2012/13 Comments/in FISA /by emptywheel

While the language about the FISA Amendments Act that Ron Wyden just got James Clapper to clear for release (first reported by Spencer Ackerman) doesn’t exactly call Dianne Feinstein a liar, it comes close.

Wyden got the following three statements cleared:

A recent unclassified report noted that the Foreign Intelligence Surveillance Court has repeatedly held that collection carried out pursuant to the FISA Section 702 minimization procedures used by the government is reasonable under the Fourth Amendment.
It is also true that on at least one occasion the Foreign Intelligence Surveillance Court held that some collection carried out pursuant to the Section 702 minimization procedures used by the government was unreasonable under the Fourth Amendment.
I believe that the government’s implementation of Section 702 of FISA has sometimes circumvented the spirit of the law, and on at least one occasion, the FISA Court has reached this same conclusion. [my emphasis]

The unclassified report in question is the Senate Intelligence Committee’s report from the FISA Amendments Act extension mark-up.

Third, the numerous reporting requirements outlined above provide the Committee with extensive visibility into the application of these minimization procedures and enable the Committee to evaluate the extent to which these procedures are effective in protecting the privacy and civil liberties of U.S. persons. Notably, the FISA Court, which receives many of the same reports available to the Committee, has repeatedly held that collection carried out pursuant to the Section 702 minimization procedures used by the government is reasonable under the Fourth Amendment. [my emphasis]

The passage in question comes from DiFi’s additional views.

With this declassified language, Wyden is making clear how incomplete DiFi’s claims about the law are.

But don’t worry, James Clapper’s office says. They’ve rectified the problems. Of NSA violating minimization requirements, that is, not of the Senate Intelligence Committee Chair making grossly misleading comments to push for passage of the extension.