BREAKING: What emptywheel Reported Two Years Ago

/9 Comments/in /by

The NYT today:

The National Security Agency has used its bulk domestic phone records program to search for operatives from the government of Iran and “associated terrorist organizations” — not just Al Qaeda and its allies — according to a document obtained by The New York Times.

[snip]

The inclusion of Iran and allied terrorist groups — presumably the Shiite group Hezbollah — and the confirmation of the names of other participating companies add new details to public understanding of the once-secret program. The Bush administration created the program to try to find hidden terrorist cells on domestic soil after the attacks of Sept. 11, 2001, and government officials have justified it by using Al Qaeda as an example.

emptywheel, 15 months ago:

I want to post Dianne Feinstein’s statement about what Section 215 does because, well, it seems Iran is now a terrorist. (This is around 1:55)

The Section 215 Business Records provision was created in 2001 in the PATRIOT for tangible things: hotel records, credit card statements, etcetera. Things that are not phone or email communications. The FBI uses that authority as part of its terrorism investigations. The NSA only uses Section 215 for phone call records — not for Google searches or other things. Under Section 215, NSA collects phone records pursuant to a court record. It can only look at that data after a showing that there is a reasonable, articulable that a specific individual is involved in terrorism, actually related to al Qaeda or Iran. At that point, the database can be searched. But that search only provides metadata, of those phone numbers. Of things that are in the phone bill. That person, um [flips paper] So the vast majority of records in the database are never accessed, and are deleted after a period of five years. To look at, or use content, a court warrant must be obtained.

Is that a fair description, or can you correct it in any way?

Keith Alexander: That is correct, Senator. [underline/italics added]

Some time after this post Josh Gerstein reported on Keith Alexander confirming the Iran targeting.

The NYT today:

One document also reveals a new nugget that fills in a timeline about surveillance: a key date for a companion N.S.A. program that collected records about Americans’ emails and other Internet communications in bulk. The N.S.A. ended that program in 2011 and declassified its existence after the Snowden disclosures.

In 2009, the N.S.A. realized that there were problems with the Internet records program as well and turned it off. It then later obtained Judge Bates’s permission to turn it back on and expand it.

When the government declassified his ruling permitting the program to resume, the date was redacted. The report says it happened in July 2010.

emptywheel in November 2013:

I’ve seen a lot of outright errors in the reporting on the John Bates opinion authorizing the government to restart the Internet metadata program released on Monday.

Bates’ opinion was likely written in July 2010.

[snip]

It had to have been written after June 21, 2010 and probably dates to between June 21 and July 23, 2010, because page 92 footnote 78 cites Holder v. HLP (which was released on June 21), but uses a “WL” citation; by July 23 the “S. Ct.” citation was available. (h/t to Document Exploitation for this last observation).

So: it had to have been written between June 21, 2010 and October 3, 2011, but was almost certainly written sometime in the July 2010 timeframe.

The latter oversight is understandable, as this story — which has been cited in court filings — misread Claire Eagan’s discussions of earlier bulk opinions, which quoted several sentences of Bates’ earlier one (though it was not the among the stories that really botched the timing of the Bates opinion).

In September, the Obama administration declassified and released a lengthy opinion by Judge Claire Eagan of the surveillance court, written a month earlier and explaining why the panel had given legal blessing to the call log program. A largely overlooked passage of her ruling suggested that the court has also issued orders for at least two other types of bulk data collection.

Specifically, Judge Eagan noted that the court had previously examined the issue of what records are relevant to an investigation for the purpose of “bulk collections,” plural. There followed more than six lines that were censored in the publicly released version of her opinion.

There have been multiple pieces of evidence to confirm my earlier July 2010 deduction since.

The big news in the NYT story (though not necessarily the NYT documents, which I’ll return to) is that in 2010, Verizon Wireless also received phone dragnet orders. I’ll return to what that tells us too.

But the news that Iran was targeted under the phone dragnet was confirmed publicly — and reported here — in a prepared statement from the Senate Intelligence Chair and confirmed by the Director of National Security Agency a week after the first Snowden leak story.

Share this entry

Christie Lied about 9/11 to Try to Shut Down Paul’s Opposition to Dragnet Spying [Updated]

/25 Comments/in /by

One of the most contentious exchanges in last night’s debate came when Megyn Kelly raised Chris Christie’s past attacks on Rand Paul for opposing the bulk dragnet.

KELLY: Alright, gentlemen, we’re gonna switch topics now and talk a bit about terror and national security.

Governor Christie. You’ve said that Senator Paul’s opposition to the NSA’s collection of phone records has made the United States weaker and more vulnerable, even going so far as to say that he should be called before Congress to answer for it if we should be hit by another terrorist attack.

Do you really believe you can assign blame to Senator Paul just for opposing he bulk collection of people’s phone records in the event of a terrorist attack?

CHRISTIE: Yes, I do. And I’ll tell you why: because I’m the only person on this stage who’s actually filed applications under the Patriot Act, who has gone before the federal — the Foreign Intelligence Service court, who has prosecuted and investigated and jailed terrorists in this country after September 11th.

I was appointed U.S. attorney by President Bush on September 10th, 2001, and the world changed enormously the next day, and that happened in my state.

This is not theoretical to me. I went to the funerals. We lost friends of ours in the Trade Center that day. My own wife was two blocks from the Trade Center that day, at her office, having gone through it that morning.

Never mind that most US Attorneys don’t, themselves, go before the FISC to present cases (usually it is people from the National Security Division, though it was OIPR when Christie was US Attorney), never mind that the name of the court is the “Foreign Intelligence Surveillance Court.

The real doozie here is Chris Christie’s claim that he “was appointed U.S. attorney by President Bush on September 10th, 2001.”

On December 7, 2001 — three months after the attacks — President Bush released this notice of nomination.

The President intends to nominate Christopher J. Christie to be United States Attorney for the District of New Jersey.   Christie has been a partner with Dughi, Hewitt and Palatucci of Cranford, New Jersey since 1987.  He is a graduate of the University of Delaware and Seton Hall University School of Law.

Christie was confirmed quickly and started as US Attorney in January 2002.

Now, maybe Bush spoke with his big New Jersey fundraiser Chris Christie and assured him the payoff — in the form of a key appointment — would be coming. Maybe that conversation even happened on September 10.

But it is not the case that he was nominated on September 10.

I attribute this fib — like the mistakes about the name of FISC — to be bluster and debate confusion. What I find more offensive is that Andrea Mitchell, when hailing Christie’s national security credentials later in the night, literally claimed he was nominated on September 10 and started on September 12.

And there’s a far bigger subtext here.

Christie implies he was involved in the dragnet in question. He was US Attorney from January 2002 to December 2008 — so he in fact would have been in office during the two years when the phone dragnet worked through the Servic–um, Surveillance court, and four years of the Internet dragnet. But if, as he implies, he was involved in the dragnet for the entire span of his tenure — and remember, there were huge cases run out of Trenton right out of 9/11 — then he was also using the fruits of illegal wiretapping to do his job. Not Servic — um, Surveillance court authorized dragnets and wiretaps, but also illegal wiretaps.

Which may explain why he’s so invested in rebutting any questions about the legitimacy of the program.

Update: Here’s what his official biography says about his tenure as US Attorney. (h/t JH)

Christie was named U.S. Attorney for the District of New Jersey in 2002. As the chief federal law enforcement officer in New Jersey, earning praise from leaders in both parties and drawing national attention for his efforts in battling political corruption, corporate crime, human trafficking, gangs, terrorism and environmental polluters.

Update: In an absolutely hysterical attempt to rebut the clear fact that he was not nominated when he said he was, Christie’s people said he was informed he would be on September 10 at 4:30 (as I suggested was likely). But the rest of the explanation makes it clear they hadn’t even done a background check yet!

The intervening crisis caused by the terrorist attacks on New York and Washington then delayed action on the nomination. In the interview for the book, Christie said he didn’t hear again from the White House for two weeks and that things were slowed because there were no available FBI agents to do background checks, as they had been assigned to investigating the 9/11 attacks.

 

Share this entry

FBI’s 5-Year Effort to Avoid Inspector General Scrutiny of Its Phone Dragnet Use

/8 Comments/in /by

Screen Shot 2015-08-05 at 1.15.53 PMAs part of today’s Senate Judiciary Hearing on DOJ OLC’s decision to make DOJ’s Inspector General ask nicely before it gets certain kinds of materials it needs to conduct its work, John Cornyn asked what changed in 2010 to make the FBI start pushing back against sharing information freely with the IG.

Inspector General Michael Horowitz responded,

I was not the Inspector General at that time, but my understanding is that the memos and decisions from the legal counsel at the FBI followed several OIG reviews of the handling of National Security Letters, Exigent Letters, and other hard-hitting OIG reviews, because there was no other change in the law, no policy change, no regulatory change…

Horowitz is suggesting that because Horowitz’ predecessor, Glenn Fine, released reports that showed FBI abuse of national security programs, FBI started pushing back against sharing information. The claim is particularly interesting given that the Exigent Letters report, which was released in January 2010, significantly implicated FBI’s General Counsel’s office, including then General Counsel and now lifetime appointed judge (with Cornyn’s backing) Valerie Caproni.

The suggestion is also interesting given that Fine resigned in 2010 after starting an investigation into the use ofSection 215 and PRTT. It took years before DOJ had a working Inspector General again, resulting in a long delay before Congress got another report on how the government was using the phone dragnet.

All of which is all the more troubling, given that Horowitz revealed that,

Just yesterday, I’m told, in our review of the FBI’s use of the bulk telephony statute, a review that this committee has very much been interested in our doing, we got records with redactions, not for grand jury, Title III, or fair credit information, because those have been dealt with, but for other areas that the FBI has identified legal concerns about.

This is particularly troubling given that just weeks ago the USA Freedom Act mandated certain IG reviews of phone dragnet activities.

But the FBI is still obstructing such efforts.

Share this entry

I Con the Record: Drop the Lawsuits and We’ll Release the Data Hostages

/2 Comments/in /by

I Con the Record just announced that the NSA will make the phone dragnet data it has “analytically unavailable” after the new system goes live in November, and unavailable even to techs three months later.

On June 29, 2015, the Foreign Intelligence Surveillance Court approved the Government’s application to resume the Section 215 bulk telephony metadata program pursuant to the USA FREEDOM Act’s 180-day transition provision. As part of our effort to transition to the new authority, we have evaluated whether NSA should maintain access to the historical metadata after the conclusion of that 180-day period.

NSA has determined that analytic access to that historical metadata collected under Section 215 (any data collected before November 29, 2015) will cease on November 29, 2015.  However, solely for data integrity purposes to verify the records produced under the new targeted production authorized by the USA FREEDOM Act, NSA will allow technical personnel to continue to have access to the historical metadata for an additional three months.

Separately, NSA remains under a continuing legal obligation to preserve its bulk 215 telephony metadata collection until civil litigation regarding the program is resolved, or the relevant courts relieve NSA of such obligations. The telephony metadata preserved solely because of preservation obligations in pending civil litigation will not be used or accessed for any other purpose, and, as soon as possible, NSA will destroy the Section 215 bulk telephony metadata upon expiration of its litigation preservation obligations.

As I understand it, whatever data has been found to be two or three degrees of separation from a baddie will remain in NSA’s maw, but the data that has never returned off a search will not.

I’m pleasantly surprised by this, as I suspect it reflects a decision to accept the Second Circuit verdict in ACLU v. Clapper and to move to shut down other lawsuits.

As I noted, two weeks ago, the ACLU moved for an injunction against the dragnet, which not only might have led to the Second Circuit ordering the government to purge ACLU’s data right away (and possibly, to stop collecting all data), but also basically teed up the Second Circuit to remind the FISC it is not an appellate court. I worried that would lead the FISC to ask FISCR to review its dragnet decisions under a provision newly provided under the USA F-ReDux.

Shortly after ACLU filed its request for an injunction, the government asked for an extension to … today, which the court granted.

So I assume we’ll shortly see that filing arguing that, since the government has voluntarily set a purge date for all the dragnet data, ACLU should not get its injunction.

That doesn’t necessarily rule out a FISCR fast track request, but I think it makes it less likely.

The other player here, however, is the EFF.

I believe both ACLU and EFF’s phone dragnet client Council on American Islamic Relations, had not only standing as clients of dragnetted companies, but probably got swept up in the two-degree dragnet. But CAIR probably has an even stronger case, because it is public that FISC approved a traditional FISA order against CAIR founder Nihad Awad. Any traditional FISA target has always been approved as a RAS seed to check the dragnet, and NSA almost certainly used that more back when Awad was tapped, which continued until 2008. In other words, CAIR has very good reason to suspect the entire organization has been swept up in the dragnet and subjected to all of NSA’s other analytical toys.

EFF, remember, is the one NGO that has a preservation order, which got extended from its earlier NSA lawsuits (like Jewel) to the current dragnet suit. So when I Con the Record says it can’t destroy all the data yet, it’s talking EFF, and by extension, CAIR. So this announcement — in addition to preparing whatever they’ll file to get the Second Circuit off its back — is likely an effort to moot that lawsuit, which in my opinion poses by far the biggest threat of real fireworks about the dragnet (not least because it would easily be shown to violate a prior SCOTUS decision prohibiting the mapping of organizations).

We’ll see soon enough. For the moment, though, I’m a bit surprised by the cautious approach this seems to represent.

Update: Timeline on data availability fixed.

Update: Here’s the government’s brief submitted today. I’m rather intrigued by how often the brief claims USA F-ReDux was about bulk “telephony” data when it was supposed to be about all bulk collection. But I guess I can return to that point.

Update: They depart from describing USA F-ReDux as a ban bulk collection of telephony when they describe it as a ban on collection of bulk collection under Section 215, also not what the bill says.

Part of the compromise on which Congress settled, which the President supported, was to add an unequivocal ban on bulk collection under Section 215 specifying that “[n]o order issued under” Section 215(b)(2) “may authorize collection of tangible things without the use of a specific selection term that meets the requirements” of that subsection.

Update: This is key language — and slightly different from what they argued before FISC. I will return to it.

Plaintiffs assert that, by not changing the language of Section 215 authorizing the collection of business records during the transition period, Congress implicitly incorporated into the USA FREEDOM Act this Court’s opinion holding that Section 215 did not authorize bulk collection. See Pls.’ Mot. 7- 8. Plaintiffs rely on language providing that the legislation does not “alter or eliminate the authority of the Government to obtain an order under” Section 215 “as in effect prior to the effective date” of the statute. USA FREEDOM Act § 109, 129 Stat. at 276. That language does not advance plaintiffs’ argument, however, because the statute says nothing expressly about what preexisting authority the government had under Section 215 to obtain telephony metadata in bulk. It is implausible that Congress employed the  word “authority” to signify that the government lacked authority to conduct the Section 215 bulk telephony-metadata program during the 180-day transition period, contrary to the FISC’s repeated orders and the Executive Branch’s longstanding and continuing interpretation and application of the law, and notwithstanding the active litigation of that question in this Court. That is especially so because language in the USA FREEDOM Act providing for the 180-day transition period has long been a proposed feature of the legislation. It is thus much more plausible that the “authority” Congress was referring to was not the understanding of Section 215 reflected in this Court’s recent interpretation of Section 215, but rather the consistent interpretation of Section 215 by 19 different FISC judges: to permit bulk collection of telephony metadata.

Share this entry

Richard Burr’s Backdoor Data Retention Amendment

/6 Comments/in /by

The Senate Intelligence Authorization is now available here.

In addition to language requiring social media companies to report terrorist activity on their network to the government — which yesterday Jim Comey said they didn’t need — it has a provision that might to lead to data retention mandates under USA F-ReDux. It requires reporting if any provider stops retaining call detail records at least 18 months.

SEC. 602. NOTIFICATION OF CHANGES TO RETENTION OF CALL DETAIL RECORD POLICIES.
(a) Requirement To Retain.—Not later than 15 days after learning that an electronic communication service provider that generates call detail records in the ordinary course of business has changed its policy on the retention of such call detail records to result in a retention period of less than 18 months, the Director of National Intelligence shall provide written notification of such change to the congressional intelligence committees.

(b) Definitions.—In this section:

(1) CALL DETAIL RECORD.—The term “call detail record”—

(A) means session-identifying information (including an originating or terminating telephone number, an International Mobile Subscriber Identity number, or an International Mobile Station Equipment Identity number), a telephone calling card number, or the time or duration of a call; and

(B) does not include—

(i) the contents (as defined in section 2510(8) of title 18, United States Code) of any communication;

(ii) the name, address, or financial information of a subscriber or customer; or

(iii) cell site location or global positioning system information.

(2) ELECTRONIC COMMUNICATION SERVICE.—The term “electronic communication service” has the meaning given that term in section 2510 of title 18, United States Code. [my emphasis]

The important details of this provision, however, are in the definitions.

This retention requirement applies to all electronic communication service providers that generate call detail records. That means it applies not just to telecoms, traditionally defined, but also to internet service providers. And the definition of call detail record relies on “session identifier,” not any phone call made.

That either confirms that USA F-ReDux will apply to Internet companies as well as phone companies, and/or it suggests SSCI wants data retention to apply to far more than just the newfangled phone dragnet.

Share this entry

T-Mobile’s Transparency: “Other,” and Granularity to Come on National Security Reports

/in /by

I think CNet is correct to point out the most amazing thing from T-Mobile’s transparency report released yesterday: somehow, T-Mobile is getting a lot more legal requests than its bigger rivals — though I suspect that’s because pre-paid/contract-less cell phones are a much larger part of its business, and therefore it probably does more business with potential law enforcement targets (for example, both Tsarnaev brothers were using T-Mobile pre-paid phones the day of the attack, and Tamerlan had been since his return from Russia, and the taxi driver busted via the phone dragnet also used T-Mobile).

But I’m interested in three more things about this report. First, as with Amazon, I’m interested that this report comes just after USA F-ReDux rolled out new ways for providers to report national security requests. That offers one possible explanation for why these two companies waited to release their reports.

On a very related note, T-Mobile not only chose to use one of the newfangled reporting options, but it suggested it might be able to do more granular reporting in the future.

Providers are authorized by statute to report the national security requests in one of three ways. T-Mobile has chosen to report a combined total of national security requests for this reporting period, and may be able to report more granular information in the future. To the extent we are permitted to report this information in the aggregate, it must be in bands of 250 increments.

I’ll have to think about why this might be (but remember the initial agreement required a 2-year wait before reporting new requests, so that may be part of it). But I find T-Mobile’s optimism they’ll be able to report more in the future curious.

Then, finally, there is T-Mobile’s “other” category, for which they had 11,105 requests in 2013 and only 8,760 last year (every other category, except national security reporting, has been growing at an alarming clip). T-Mobile explains this category this way:

This may include requests to preserve information pursuant to 18 USC § 2704, requests for T-Mobile information (not customer information), requests pursuant to The Fair and Accurate Credit Transactions Act of 2003, and any other request that does not match a category above.

Given that T-Mobile uses AT&T’s backbone, I think it quite likely it gets a lot of preservation orders, because the FBI will frequently know immediately about T-Mobile traffic, but take some time for legal process on the actual account (indeed, I think that may have happened with the Tsarnaevs, given the way DOJ obscured whether it got T-Mobile information or AT&T information first). It’s also possible other providers don’t distinguish here, and only report the ultimate order or warrant that the information gets preserved for.

That said, there’s a lot of these requests (and the decline is rather curious, given how quickly everything else has gone up).

One more thing. Remember that the current dragnet order may have added another provider. If so, T-Mobile is one of the most likely candidates.

Share this entry

Did NSA Add a New Dragnet Provider with Its Latest Order?

/1 Comment/in /by

Cryptome has published the latest phone dragnet order. Contrary to reports, the dragnet order is only for two months (until the end of August), not until the expiration of the bulk dragnet in November, plus retroactive collection to May 31. It also has new language reflecting changes in minimization requirements in USA Freedom Act, and updated language to reflect the Second Circuit’s decision in a paragraph ordering that the government inform FISC if anything changes because of the pending circuit court decisions.

But the most interesting change has to do with the redactions.

The initial redaction (which lists all the providers) is not the same size — the new order, 15-75, has a wider redaction than the last order, 15-24, but the earlier order may be a line longer. But it is very close.

But the paragraph addressing custodians of records is clearly different. Here’s what that first few lines in that paragraph in 15-24 looks like:

Screen Shot 2015-07-03 at 2.57.57 PM

Here’s what it looks like in 15-75.

Screen Shot 2015-07-03 at 3.01.01 PM

The following paragraph, which addresses Verizon, appears to be the same.

There are two things that might explain the change in redaction. First, the providers may remain the same (understood to be AT&T and Sprint), but the official name used to refer to one may have changed — though I’m not aware of any changes at AT&T or Sprint that might explain that.

Or, they may have added another provider.

Mind you, I expect the government to add new providers once they move to the new querying technique in November, as the government will almost certainly be querying more newfangled kinds of “calls” and “texts” (to include VOIP and other Internet-based communications). So I think additional providers are inevitable.

Still, at least from the redactions of this order, it appears NSA may have already added a new provider.

Share this entry

NSA Gets Full Take on FISA-Authorized Web Forums

/3 Comments/in /by

Screen Shot 2015-07-02 at 6.03.50 PMAmong the document dump associated with the Intercept’s two stories on XKeyscore, there’s one that has importance outside of the discussion of how XKeyscore works in the slide deck on how XKS works on web forum data.

It reveals what was fairly predictable, but has never been confirmed: That the NSA obtains “full take” on US-based web forums that it can get FISA orders for.

This has been suggested in a number of terrorist proceedings — that the targets were first identified in a forum, and from there targeted for more surveillance (or, just as often, for an FBI undercover sting).

The XKS deck in question further makes clear that the NSA saves all of the data from such forums, so that data will come up in XKS queries going forward. Further, the NSA can pull the messages that use one of the most popular extremist tools for encryption.

All this almost certainly means that the same web forum data would be available to FBI Agents for back door searches at the Assessment level, so even the mere participation in a web forum may target someone for further investigation (or even, for coercion to become an informant himself).

Again, this has been fairly clear for some time. But this slide deck confirms what the government has been obscuring from defense attorneys.

 

Share this entry

XKeyscore Suffers from Same Giant Oversight Loophole as Phone Dragnet and SIGDEV: No Tech Audits

/1 Comment/in /by

I’ve long pointed to a giant oversight hole in key NSA programs: in both the domestic phone dragnet and SIGDEV (research and development), tech activities are excluded from auditing requirements.

In a piece reviewing what happens with XKS today, Intercept’s Micah Lee points out that the same loophole appears to exist in XKeyscore, the querying system that filters through the globally collected data. Sysadmins not only don’t have their own audited log-ins (a condition that appears to be what was in existence for the PRTT dragnet until 2009), but they can access the system outside of the normal querying process that gets audited.

When systems administrators log into XKEYSCORE servers to configure them, they appear to use a shared account, under the name “oper.” Adams notes, “That means that changes made by an administrator cannot be logged.” If one administrator does something malicious on an XKEYSCORE server using the “oper” user, it’s possible that the digital trail of what was done wouldn’t lead back to the administrator, since multiple operators use the account.

There appears to be another way an ill-intentioned systems administrator may be able to cover their tracks. Analysts wishing to query XKEYSCORE sign in via a web browser, and their searches are logged. This creates an audit trail, on which the system relies to assure that users aren’t doing overly broad searches that would pull up U.S. citizens’ web traffic. Systems administrators, however, are able to run MySQL queries. The documents indicate that administrators have the ability to directly query the MySQL databases, where the collected data is stored, apparently bypassing the audit trail.

Now, Lee is just pointing out a problem that exists technically, based on the documents describing the system.

But as we’ve seen, with the phone dragnet, at least, this is by design. The NSA simply doesn’t track tech functions as closely as it does analysts, which are more closely watched (but some, not all, of whose activities are still subject to randomness of audits), even though some techs have more direct access to raw data (by necessity). Indeed, what Snowden accomplished would have been impossible — or at least, would have been tracked more quickly than months — if this weren’t the case.

Whether or not you support NSA’s dragnet, this is a bureaucratic problem, one that rightly raises questions about the good faith of the system.

NSA said that after Snowden they instituted two person sign-off for some activities. They’d do well to release evidence they have actually done so.

Share this entry

Once Again Sammy Alito’s Speculative Chain of Possibilities Proves True

/3 Comments/in , /by

Back when SCOTUS Justice Sam Alito wrote the opinion booting the ACLU-argued challenge to Section 702, he said the plaintiffs’ worries — that the US government was collecting their international communications under Section 702 — were too speculative to give them standing to challenge the constitutionality of the statute.

In sum, respondents’ speculative chain of possibilities does not establish that injury based on potential future surveillance is certainly impending or is fairly traceable to §1881a.

The named plaintiff in that suit — the NGO wildly speculating that the US government was reading its international communication with human rights victims and others — was Amnesty International.

Today, UK’s Investigatory Powers Tribunal informed Amnesty International that unnamed UK government agencies have been intercepting their communications.

In a shocking revelation, the UK’s Investigatory Powers Tribunal (IPT) today notified Amnesty International that UK government agencies had spied on the organization by intercepting, accessing and storing its communications.

[snip]

“After 18 months of litigation and all the denials and subterfuge that entailed, we now have confirmation that we were in fact subjected to UK government mass surveillance. It’s outrageous that what has been often presented as being the domain of despotic rulers has been occurring on British soil, by the British government,” said Salil Shetty, Amnesty International’s Secretary General.

Admittedly, this doesn’t confirm that Amnesty has been swept up in 702 collection, but given the likelihood that one of the agencies, plural, that has intercepted Amnesty’s communications is GCHQ, and given the broad sharing between it and its Five Eyes partner NSA, it is almost certain NSA has those communications as well (if they didn’t actually collect some of them).

Amnesty is trying to gain clarity from the US on whether it, too, has spied on the NGO.

But, predictably, Amnesty had a better idea of what a threat the government posed for its work than Sammy Alito did.

 

Share this entry