5 Years of Data Not Collected by NSA

Just days after General Keith Alexander successfully dodged questions about the NSA’s massive new data storage facility by disclaiming any responsibility for collecting US person data, the National Counterterrorism Center is preparing to extend how long they can retain US person data to 5 years.

The Justice Department is close to approving guidelines that would allow the intelligence community to lengthen the period of time it retains information about U.S. residents, even if they have no known connection to terrorism.

Senior U.S. officials familiar with the guidelines said the changes would allow the National Counterterrorism Center, the intelligence community’s clearinghouse for counterterrorism data, to keep such information for up to five years.

Currently, the center must promptly destroy any information about U.S. citizens or residents unless a connection to terrorism is evident.

I guess if you’ve got all that data storage space in UT, you’re going to need something to fill it with.

To justify this power grab, the WaPo’s sources point to two attacks that had nothing to do with the length of data retention: the Nidal Hasan attack, in which information on his conversations with Anwar al-Awlaki hadn’t been shared throughout the government, and Umar Farouk Abdulmutallab, in which his suspect status hadn’t been loaded into the no-fly list.

They don’t, however, point to a concrete example where 5 year old data of US persons might have helped solve an actual terror attack.

But thanks to this measure pushed through in almost complete secrecy, when they declare–say–your Church a terrorist organization in three years’ time, they’ll have records of your association with it in a database in UT.

Update: Here’s Charlie Savage on this. Here’s the new guidelines. And here’s the guidelines they replaced. I’ll come back to these later.

Homeland Security Twitter Monitoring in Action?

A month ago, EPIC liberated documents pertaining to the Department of Homeland Security’s web monitoring program, including a list of terms (starting on page 20) that DHS’ contractors search for in an effort to monitor threats. The domestic security search terms include “attack,” “shooting;” the terrorism search terms include “suicide bomber” and “suicide attack.”

This story may be an example of what happens when DHS conducts that kind of surveillance. (h/t RR) It involves Iraq War veteran Franklin Delano Jeffries, who was busted in July 2010 for posting a YouTube video on July 9, 2010 in which he talked about killing a judge if he lost a custody battle over his daughter (the video was taken down the same day). He had been on probation. Until, among other things (he also failed a drug test), DHS alerted the Probation Office that Jeffries “was making Twitter entries claiming he was going to commit suicide.” Now he’s back in federal custody.

Now, I don’t mean to minimize the problem of making threats against judges, though if this guy is making suicide threats he may have more serious problems.

But I am wondering whether DHS’ monitoring program is behind Jeffries’ re-arrest.

FBI Admits It Used GPS Tracking on 250 People without Probable Cause

NPR’s Carrie Johnson puts together the numbers on how many GPS trackers the FBI had to get warrants for after US v Jones held that you need a warrant to attach a GPS tracker to a car. And while she doesn’t state it this way, what the FBI basically admitted is that in 250 of the 3,000 cases where they had GPS units activated but no warrant–over 8% of the GPS devices in question–they lacked probable cause.

Before the Supreme Court ruling in late January, the FBI had about 3,000 GPS tracking devices in the field.

Government lawyers scrambled to get search warrants for weeks before the decision, working to convince judges they had probable cause to believe crimes were taking place.

But after the ruling, FBI officials tell NPR, agents still had to turn off 250 devices that they couldn’t turn back on.

FBI General Counsel Andrew Weissmann even admits to Johnson that they were using GPS tracking to get probable cause.

Weissmann says FBI agents in the field need clear rules. So, for now, he’s telling agents who are in doubt “to obtain a warrant to protect your investigation.”

But he says that’s not always possible.

“And the problem with that is that a search warrant requires probable cause to be shown and many of these techniques are things that you use in order to establish probable cause,” Weissmann says. “If you require probable cause for every technique, then you are making it very very hard for law enforcement.”

Now, I can understand why Weissmann and Robert Mueller would like to use GPS in the examples Mueller cited–where they have things like Internet statements and gun purchases.

But last I checked both of those things were constitutionally protected activities themselves.

So what the FBI’s reaction to Jones has really revealed is that it had been violating the Fourth Amendment protections of around 250 people to get around their First and Second Amendment protections.

Did GAO Deem Secret PATRIOT a Waste of Time?

I noticed the same thing Charlie Savage did in this letter from Senators Wyden and Udall to Eric Holder complaining about the government’s secret interpretation of the PATRIOT Act. The Senators suggest that the secret program is not very useful.

We would also note that in recent months we have grown increasingly skeptical about the actual value of the “intelligence collection operation” discussed in the Justice Department’s recent court filing regarding the pending lawsuit. This has come as a surprise to us, as we were initially inclined to take the executive branch’s assertions about the importance of this “operation” at face value. We will provide more detail about this skepticism in a classified correspondence.

Their new-found skepticism about the program is rather interesting given that GAO recently completed a first-ever assessment of the FBI’s counterterrorism programs.

Thus, the Federal Bureau of Investigation had refused for years to submit to GAO oversight of its counterterrorism programs.  The Bureau contended that GAO had no authority to review the programs because they were funded through the intelligence budget.  Moreover, the FBI told Sen. Charles Grassley that the Office of Legal Counsel had ratified that position and supported its refusal to cooperate with GAO.

But that is now in the past.  The GAO recently completed a classified assessment of FBI counterterrorism programs with full cooperation from the FBI.  A public version of the report is expected to be released sometime in the spring.

I presume any GAO conclusions about the Secret PATRIOT program are just one factor contributing to Wyden and Udall’s skepticism. After all, Holder must know about the results of the GAO report by now, particularly if the document is being declassified (since that would require FBI’s involvement).

Nevertheless, it would be rather interesting if the long fight for real congressional oversight of intelligence programs led to increased skepticism about executive branch claims so quickly.

NSA Director Keith Alexander: The FBI Does the Domestic Collection

[youtube]oYNXVgYhPOc[/youtube]

Congressman Hank Johnson asked NSA Director Keith Alexander about James Bamford’s Wired article describing the data storage and analysis center in UT. Unfortunately, rather than ask Alexander about these activities–storage and analysis–Johnson asked Alexander about data collection. Here are excerpts of the exchange:

Johnson: Does NSA have the ability to identify Cheney bashers based on the content of their emails?

Alexander: No. Can I explain? NSA does not have the ability to do that in the United States. In the United States we would have to go through an FBI process–a warrant–to serve it to somebody to actually get it.

Johnson: But you do have the capability to do it?

Alexander: Not in the United States. We’re not authorized to collect nor do we have the equipment in the United States.

Johnson: “NSA’s signals intercepts include eavesdropping on domestic phone calls and inspection of domestic emails.” Is that true?

Alexander: No, not in that context. I think what he’s trying to raise is are we gathering all the information on the United States? No, that is not correct.

Johnson: What judicial consent is required for NSA to intercept communications and information involving American citizens?

Alexander: Within the United States, that would be the FBI lead.  If it was foreign actor in the United States the FBI would still have the lead and could work that with the NSA or other intelligence agencies as authorized. But to conduct that kind of collection in the United States it would have to go through a court order and a court would have to authorize it. We’re not authorized to do it nor do we do it.

Note that Alexander never denies that such capabilities exist. Rather, he says that FBI would intercept communications–with a court order–and FBI would search for certain content–with a warrant.

Also note, all of Alexander’s responses were in the present tense: he doesn’t say the NSA hasn’t done these things. Only that the NSA is not now authorized to do them and does not do them.

We know several things about the government’s collection in the US. First, the telecoms own the equipment–they’re the ones that do the intercepts, not FBI or NSA. Second, the FBI can and does get bulk data information from telecoms and other businesses using Section 215 of the PATRIOT Act.

I will have more to say about this later–until then, read this post and this post as background.

There is a great deal of circumstantial information to suggest that after the 2004 hospital confrontation–which was in part a response to Congress prohibiting any DOD use of data mining on Americans–chunks of the illegal wiretap program came to be authorized under Section 215 of the PATRIOT Act, which authorizes FBI data collection.

There’s nothing General Alexander said in this non-denial denial that would conflict with the notion that FBI collects data the telecoms intercept using Section 215 of the PATRIOT Act.

So Much for the FBI’s $100,000 Informant

MoJo, which did a superb report on the FBI’s use of informants last year, reports that one of the guys they profiled in that package, Shahed Hussain, got sniffed out by a Pittsburgh area man, Khalifah Al-Akili, whom he was trying to ensnare in a sting.

Shahed Hussain, a long-time FBI terrorism informant Mother Jones profiled last year, has surfaced again—but this time, Google appears to have foiled his effort to identify a new target. Khalifah al-Akili, a 34-year-old Pittsburgh man who says he was approached by Hussain and another informant in January. Al Akili told the Albany Times-Union that after Hussain “repeatedly made attempts to get close” to him, he googled them. He found Trevor Aaronson’s August 2011 Mother Jones expose about the FBI’s massive network of undercover terrorism informants and confronted Hussain on the phone.

MoJo notes Akili is being held on gun charges, but it doesn’t really lay out what appears to have happened to him–which is that FBI was trying to build a terrorism charge against him, but then triggered the gun charge arrest after Akili publicized Hussain’s efforts to reach out to him.

Akili–formerly James Marvin Thomas Jr–was busted in 2001 on drug charges and sentenced to 2.5 to 5 years in prison. He says an informant tried to ensnare him in 2005. The FBI Special Agent who testified in his bond hearing, Joseph Bieshelt, claimed that Akili expressed sympathy for the Taliban in 2005, which may be the same effort.

Mr. Akili is known to have expressed sympathy for the Afghan resistance movement in a 2005 conversation with a man he knew in prison, Agent Bieshelt said.

And both before and after his arrest and imprisonment, he had a history of fighting cops and ignoring warrants on minor infractions. He reportedly tried to run when the FBI came to arrest him on Thursday.

In December, according to Bieshelt, Akili was recorded saying, “that he was developing somebody to possibly strap a bomb on himself.”

Then, in January, Hussain and another informant, Shareef, tried to entrap Akili.

Al-Akili said he was approached by Hussain, who went by the name “Mohammed,” and another man, who used the name “Shareef,” in January when they turned up in his neighborhood and repeatedly made attempts to get close to Al-Akili. But Al-Akili said he quickly figured out Hussain’s identity as an FBI informant. He said the men were “too obvious” and requested receipts even for small items they purchased like coffee and donuts.

Al-Akili said Shareef also asked Al-Akili repeatedly if he could help him purchase a gun. Al-Akili said he told the man he could not help him.

Al-Akili said his suspicions the men were informants were confirmed when he saw a photograph of Hussain on the Internet. In addition, he said, a cell phone number Hussain had given him was the same number used by Hussain during a 2009 counterterrorism investigation against four Newburgh men in the small Orange County city. Al-Akili said he found the number and its connection to that case through a simple Internet search using Google.

Last week (so maybe around March 10), he called Hussain and asked if he was an FBI informant.

Al-Akili said the last time he spoke to Hussain was a week ago when Al-Akili said he called Hussain’s cell phone and asked him if he was an FBI informant. He said Hussain quickly ended the call. The other man, “Shareef,” vacated his apartment and vanished within a day, Al-Akili said.

He revealed all that to the Albany Times Union, which interviewed Al Akili on Sunday, March 11 (he also reportedly put it on his Facebook page, which I haven’t found yet). A US Marshal, Jonathan Neely, filed an affidavit for his arrest on March 14. And the FBI arrested him on Thursday–based primarily on a YouTube video from July 2010 showing him holding a gun at a gun range. On Friday, he was denied bail. On Saturday, the Times Union published their story revealing that Al Akili had identified and confronted Hussain.

Here’s what I find particularly interesting about all this.


The Rationale for NSA’s Bottomless Pit of Data: Hackers

In his must-read report on the bottomless data pit the NSA is building in Utah, James Bamford described the public explanations NSA Deputy Director Chris Inglis made when he broke ground on the facility.

[NSA deputy director Chris Inglis] arrived in Bluffdale at the site of the future data center, a flat, unpaved runway on a little-used part of Camp Williams, a National Guard training site. There, in a white tent set up for the occasion, Inglis joined Harvey Davis, the agency’s associate director for installations and logistics, and Utah senator Orrin Hatch, along with a few generals and politicians in a surreal ceremony. Standing in an odd wooden sandbox and holding gold-painted shovels, they made awkward jabs at the sand and thus officially broke ground on what the local media had simply dubbed “the spy center.” Hoping for some details on what was about to be built, reporters turned to one of the invited guests, Lane Beattie of the Salt Lake Chamber of Commerce. Did he have any idea of the purpose behind the new facility in his backyard? “Absolutely not,” he said with a self-conscious half laugh. “Nor do I want them spying on me.”

For his part, Inglis simply engaged in a bit of double-talk, emphasizing the least threatening aspect of the center: “It’s a state-of-the-art facility designed to support the intelligence community in its mission to, in turn, enable and protect the nation’s cybersecurity.” While cybersecurity will certainly be among the areas focused on in Bluffdale, what is collected, how it’s collected, and what is done with the material are far more important issues. Battling hackers makes for a nice cover—it’s easy to explain, and who could be against it? [my emphasis]

Inglis used hackers as cover for a spying facility that would collect and decrypt “all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital ‘pocket litter’.” That is, Inglis used the threat of hackers to cover up for the fact that the government was spying on everyone.

Mind you, this was back in January 2011–before Anonymous threatened to take the Toobz down at a time when a key Anonymous hacker was being run by the FBI. Indeed, Inglis used hackers as his excuse for collecting massive amounts of data on everyone in the thick of the WikiLeaks excitement.

Nevertheless, Bamford describes Inglis publicly misleading people about the centrality of hackers to the purpose of the bottomless pit, when in fact the purpose is far broader. Particularly given the FBI’s recently exposed role running hackers, Inglis’ “double-talk” raises real questions about all the fear-mongering about hackers.

The Wiretap Jury on the Iran War

At a moment when the Obama Administration is still aggressively pursuing James Risen’s testimony on sources for an Iran story he wrote 7 years ago, on Saturday he published a new story summarizing the uncertainty surrounding intelligence on Iran right now.

In the story, Risen reveals that both the 2007 and the 2010 NIEs on Iran’s nuke program got held up and rethought because of intercepts collected during the writing process.

The draft version [of the 2007 NIE] had concluded that the Iranians were still trying to build a bomb, the same finding of a 2005 assessment. But as they scrutinized the new intelligence from several sources, including intercepted communications in which Iranian officials were heard complaining to one another about stopping the program, the American intelligence officials decided they had to change course, officials said. While enrichment activities continued, the evidence that Iran had halted its weapons program in 2003 at the direction of the supreme leader, Ayatollah Ali Khamenei, was too strong to ignore, they said.

[snip]

Intercepted communications of Iranian officials discussing their nuclear program raised concerns that the country’s leaders had decided to revive efforts to develop a weapon, intelligence officials said.

That, along with a stream of other information, set off an intensive review and delayed publication of the 2010 National Intelligence Estimate, a classified report reflecting the consensus of analysts from 16 agencies. But in the end, they deemed the intercepts and other evidence unpersuasive, and they stuck to their longstanding conclusion.

Risen goes on to lay out all the other intelligence we’ve got on Iran, as well as the significant failures that have set intelligence efforts back: we’ve got radar and satellite imagery of suspected nuke sites, clandestine electromagnetic and radiation sensors, and information from IAEA inspectors. We don’t have much HUMINT, in part because of an email error in 2004 that exposed our assets, in part because of the aborted defection of Shahram Amiri in 2009, and in part because we don’t have an embassy to house people working under official cover. We’re trying hard, Risen said, to avoid relying on information from MEK via the Israelis, having learned our lesson from Ahmed Chalabi in the Iraq war.

But our key tool, it seems, is the wiretapping. In particular, the eavesdropping on just 12 or so top officials who know the program.

American intelligence officials said that the conversations of only a dozen or so top Iranian officials and scientists would be worth monitoring in order to determine whether the weapons program had been restarted, because decision-making on nuclear matters is so highly compartmentalized in Iran.

I wonder how the assassination of at least 4 Iranian nuclear scientists has circumscribed the intelligence we can gather from wiretaps?

In any case, that seems to be what the decision to go to war or not comes down to: these 12 Iranians speaking into our wiretaps.

Spooky AssadLeaks: The Provenance of the Emails

As I wrote in this post, I got interested in the provenance of a set of leaked Bashar al-Assad emails largely because of the way in which two of them were used to suggest, dubiously, Nir Rosen was an Assad agent.

The Guardian and Al Arabiya have both offered posts describing, in part, how they came by the emails, with the Guardian’s offering more details. The short version is:

March 15, 2011: Uprising escalates in Daraa.

Late March: “a young government worker in Damascus” handed off a slip of paper to a friend. The paper had four codes (plus or including the two email addresses, the Guardian is not clear) that would provide access to personal email accounts of Bashar al-Assad and his wife Asma. The friend was apparently supposed to pass them on to “a small group of exiled Syrians who would know what to do with them.”

June: “Two Syrian professionals in a Gulf state” obtain the emails. The Guardian doesn’t explain whether they were the original intended recipients, nor does it explain the delay. Though it does include a blurb describing their sudden awakening to politics that makes it clear the Guardian has spoken to at least one of the activists and replicated their self-narrative uncritically.

The uprising in the southern Syrian city of Deraa on 15 March had empowered them, as it had hundreds of thousands of others in the totalitarian state. They were now determined to do what they could to bring an end to more than four decades of rule by the Assad clan.

“It was clear who we were dealing with,” said one of the activists. “This was the president and his wife. There was no doubt.”

August 6: Sabu solicits Syrian MOD hacker to “disrupt govt communication systems.”

June to December: The emails are used with increasing frequency over time; Assad appears to build a PR strategy using them.

January: Anonymous (which had been infiltrated by the FBI since at least June, the same month the Syrian activists purportedly got the email codes) hacks Bashar al-Assad’s servers, accessing 78 different email accounts.

February 7: Anonymous releases the Assad emails which were published by Ha-aretz, claims the password was 12345. These are, at least in part, the very same emails being released today. Assad’s brother-in-law Firas al-Akhras emails him to tell him the inbox of the Ministry of Presidential Affairs had been leaked. All the emails are shut down.

March 15, 2012: The emails are published.

In their narratives, neither the Guardian nor al Arabiya notes that the FBI had been running Sabu since last June, precisely the same month the “activists” reportedly got the “secret codes” (12345?) that would allow them to access the Assad emails.

Now there are plenty of questions I have about this: Who was the mole, how did he or she get this information, who was the friend, what caused the 3-month delay? All of those questions, of course, are particularly interesting given the coincidence of timing with the Sabu recruitment.

And why release these emails now? Just because of the one-year anniversary of Daraa, and the other events planned for the day?

Suffice it to say it feels a lot like outside entities–aside from whatever professionals-turned-activists purportedly monitored these accounts–were involved.

With that feeling in mind, two more details worth noting. First, al Arabiya’s story on how they got the emails focuses instead on what they didn’t publish: a bunch of “scandalous emails.”

Hundreds of “scandalous” emails were accordingly deleted by Al Arabiya.

By comparison, the Guardian said only it didn’t publish personal emails. Both sources, however, want people–perhaps including Assad?–to know that there were more emails that may be out there.

The other thing I find interesting is the attention the Guardian pays to Assad’s email habits.

[The Syrian activists in the Gulf state] soon noticed differences in the way the couple used their email accounts. “We had to be quick with Bashar’s emails,” one of the activists said. “He would delete most as soon as they arrived in his inbox, whereas his wife wouldn’t. So as soon as they went from unread to read we had to get them fast.”

Deleting emails as soon as they arrive shows a degree of awareness of web security. So too did the fact that Assad never attached his name or initials to any of the emails he sent. However, many of the emails that arrived in his inbox are addressed to him as president and contain intimate details of events and discussions that were not known outside of the inner sanctum and would have been very difficult to manipulate.

Even before I remembered that the same guy the Guardian claims was showing some web security used “12345” as his password, this entire passage sounded bogus, more like a way to provide cover for some other means to collect these emails that don’t involve more sophisticated wiretapping of packets, as opposed to email in-boxes.

But once you remember this is a guy who reportedly used “12345” as his password, then the entire claim Assad was practicing good security becomes laughable. Which makes this entire passage suspect.

There are two stories of how Bashar al-Assad got his emails hacked in the last year. In one version, Syrian activists managed to spy on their dictator in real time and are presumably releasing emails that lack a smoking gun (but did include “scandalous” emails) as a sort of anniversary present for Assad. The other story involves the FBI flipping at least one hacker and having him continue to hack at their command.

Or maybe there’s just one, far more intriguing story.

The Secret PATRIOT FOIA

To cap off Sunshine week, there was a slew of FOIA news today. For now, I’m just going to look at the response the ACLU got on its request for “OLC legal opinions and memoranda concerning or interpreting Section 215 of the USA Patriot Act.”

Josh Gerstein noted one interesting aspect of this response: the government has withheld two documents on Exemption 5–or deliberative privilege–grounds. Now, the government usually claims deliberative privilege on these memos, arguing that the memos are just interpretation for whatever Executive Branch client makes the final decision.

But this also suggests they may not be claiming these memos are classified.

Except the DOJ response does note they’ve referred one of two documents to OLC for further review.

… the Office of Information Policy has referred one document to OLC for direct response to ACLU. The document is the same as one of the two documents described above.

I wonder whether they have referred this document for full classification review.

And then there is DOJ’s all but admission that they’ve carved out the most sensitive documents on this topic–which we believe to be the use of phone GPS to get geolocation in the US. They say,

the ACLU has stipulated in ACLU v. FBI, 11 Civ. 7562 (S.D.N.Y.) that the request is limited to OLC legal opinions and memoranda concerning or interpreting Section 215 of the USA Patriot Act.

As Gerstein notes, the documents that really explain Secret PATRIOT are FISA Court opinions.

It is possible that the OLC documents in question are not the holy grail senators, the ACLU and the Times have been seeking, but some more mundane interpretations of Section 215. Wyden and Udall suggested in their letter that the key documents amounting to “secret law” are actually classified opinions of the Foreign Intelligence Surveillance Court. Any administration legal interpretations of those opinions may also not have come from OLC, but from lawyers at the FBI or elsewhere in the intelligence community. The government is withholding other documents in the FOIA litigation as classified.

Like I say, this is a nice cap to Sunshine week–yet more obfuscation.
