Time for an Executive Branch Internet Dragnet

/4 Comments/in , , /by

As George Zornick and Josh Hicks laid out (saving me the trouble) the news that IRS lost Lois Lerner’s emails from the period during which she reviewed the tax status of political groups is not all that surprising. After all, there’s a long history of the Executive Branch “losing” emails from a period that ends up being scandalous, including:

  • John Yoo’s emails from the period when he was working with David Addington to pre-authorize torture
  • SEC’s emails on the earliest non-investigations of Bernie Madoff
  • OVP’s emails from the days after DOJ initiated an investigation into the CIA leak case (and 5 million other emails)

I’d add two things to their list. This whole tradition started when the Reagan and Bush White House tried to destroy emails concerning the Iran-Contra scandal. And there’s a parallel tradition of having White House political staff conduct official business on non-White House emails, as both Bush and Obama’s White House have done.

And unfortunately, Steven Stockman hasn’t been paying attention. He asked NSA Director Mike Rogers for the metadata from Lerner’s missing emails. But NSA has already claimed they destroyed all their Internet dragnet records when they shut down the program in 2011. Perhaps Stockman should ask FBI whether they’ve got an Internet dragnet that might have collected on Lois Lerner?

Stockman is a nut.

But he might be onto something here. The government argues it is reasonable to collect all the records of all Americans in order to protect against the worst kinds of crimes people in the US might commit. Yet every time emails go missing, they do so amidst allegations of the worst kind of bad faith from the Executive Branch. If the threat of terrorism justifies comprehensive dragnets, based in part on the possibility the culprits will destroy evidence, then doesn’t the Executive Branch’s serial inability to fulfill its archival responsibilities under the law in the face of allegations of abuse of office do so too?

Besides, making a central repository of all the Executive Branch’s emails would address an asymmetry that corrodes democracy. Such a dragnet would ensure that the governed — and those who represent their interests — will always be able to exercise the same kind of scrutiny on those who govern as the government does on them.

Of course this will never happen, in part for justifiable reasons (cost, the privacy of federal employees), in part for unjustifiable reasons (the Executive would never agree to this). But given that it won’t happen, doesn’t it suggest the NSA’s dragnets shouldn’t either?

Update: In somewhat related news, Ron Wyden and Chuck Grassley are concerned that ODNI’s plan to continually monitor employees to prevent leaks will improperly chill whistleblowers.  If someone besides the Intelligence Community tracks that information, then access to the records could be provided more due process.

Share this entry

Important Victories for the Fourth Amendment May Pose Big Threat to Dragnet

/2 Comments/in /by

Sorry for the absence of late. I’ve been traveling and working on outside deadlines. But I should be back in the saddle for the next little while.

During the period I’ve been traveling, there have been two significant victories for the Fourth Amendment at the Circuit level. On June 11, the 11th Circuit (covering Florida, Georgia, and Alabama) ruled you need a warrant for stored cell location data. Relying on a close analysis of the various opinions in US v. Jones (the SCOTUS GPS tracking case), it ruled cell transmissions should be even more private than GPS device collection of your car’s movement, as your cell phone accompanies you to private places, which makes it more like communications content than observable location.

One’s car, when it is not garaged in a private place, is visible to the public, and it is only the aggregation of many instances of the public seeing it that make it particularly invasive of privacy to secure GPS evidence of its location. As the circuit and some justices reasoned, the car owner can reasonably expect that although his individual movements may be observed, there will not be a “tiny constable” hiding in his vehicle to maintain a log of his movements. 132 S. Ct. at 958 n.3 (Alito, J., concurring). In contrast, even on a person’s first visit to a gynecologist, a psychiatrist, a bookie, or a priest, one may assume that the visit is private if it was not conducted in a public way. One’s cell phone, unlike an  automobile, can accompany its owner anywhere. Thus, the exposure of the cell site location information can convert what would otherwise be a private event into a public one. When one’s whereabouts are not public, then one may have a reasonable expectation of privacy in those whereabouts. Therefore, while it may
be the case that even in light of the Jones opinion, GPS location information on an automobile would be protected only in the case of aggregated data, even one point of cell site location data can be within a reasonable expectation of privacy. In that sense, cell site data is more like communications data than it is like GPS information.

It then relied on a Third Circuit decision finding cell phone users did not voluntarily provide their location to their cell providers, and therefore cell location cannot be governed by the Third Party doctrine, in which the government may obtain anything you’ve given willingly to a third party without a warrant.

The ruling, then, is the broadest possible support for requiring a warrant for cell location data.

The second ruling, issued yesterday by the 2nd Circuit (covering New York, Connecticut, and Vermont), found that the government cannot just retain all the data seized from your computer indefinitely, only to use it years later under a new warrant. Of particular interest are two counterarguments the court made to the government’s claim that such a practice was reasonable.

First, it rejected the government’s claim that obtaining a warrant for information obtained years earlier would be legal.

Second, the Government asserts that by obtaining the 2006 search warrant, it cured any defect in its search of the wrongfully retained files. But this argument “reduces the Fourth Amendment to a form of words.”

[snip]

If the Government could seize and retain non-responsive electronic records indefinitely, so it could search them whenever it later developed probable cause, every warrant to search for particular electronic data would become, in essence, a general warrant.

And it rejected the government’s complaints that destroying the information it seized would be impractical, therefore making the later use of that data permissible.

Fourth, the Government contends that returning or destroying the non-responsive files is “entirely impractical” because doing so would compromise the remaining data that was responsive to the warrant, making it impossible to authenticate or use it in a criminal prosecution.

[snip]

But even if we assumed it were necessary to maintain a complete copy of the hard drive solely to authenticate evidence responsive to the original warrant, that does not provide a basis for using the mirror image for any other purpose.

These opinions are both momentous ones on their own, within the criminal context. But they also seriously threaten the NSA’s dragnets — and perhaps even the proposed dragnet under USA Freedumber Act. Jennifer Granick explains why the 11th Circuit decision threatens the program.

The appellate judges in Davis, by refusing to apply Smith and Miller to a case involving stored records, have taken a giant step toward undermining the legal justification propping up many of the government’s targeted and bulk metadata collection practices. The call detail records that the NSA gets under its Section 215 collection program — which provide information about phone numbers called and received and the duration of calls — include far more detailed data than the simple information at issue in Smith and are far more revealing of private conduct, social networks, and thought processes. This is especially true because the records are collected in bulk.

Under the new program, the NSA will almost certain rely on stored cell location data in its chaining process. Unless the government can claim the analysis the telecoms do for the government somehow doesn’t amount to a search, this location-chaining would seem to be illegal under this decision, for the states covered by the circuit.

And the 2nd Circuit decision undermines the argument the government uses to distinguish “collection” (as we would understand it) from the “collection” they claim to undertake when they later access information. More importantly, the government maintains (relying on a pre-computer Ted Olson opinion) that once it obtains information, it can do anything with it, up to conducting searches without even establishing Reasonable Suspicion. This opinion holds that such an argument amounts to a general warrant.

This ruling is particularly important for the government’s back door searches, which it justifies based on that logic.

It’s too early yet to see how this will affect the dragnet. The government could appeal both of these. The government could try to find a way around these jurisdictions — though New York and Florida are both so central to their claimed primary counterterrorism purpose, I don’t see how they could do it. They could try to argue a national security exception to this rule, based on special needs.

But for the moment, the principles laid out in these decisions cut to the core of the NSA’s dragnet.

Share this entry

Richard Posner Wants You To Learn to Love Secrecy

/15 Comments/in /by

As you’ve likely already heard, the 7th Circuit ruled aggressively against Adel Daoud, overturning Judge Sharon Johnson Coleman’s ruling that his lawyers could review his FISA warrant. This was utterly predictable, but unfortunate nevertheless.

Steve Vladeck had a really good post on both Judge Ricard Posner’s overreach and Judge Ilana Rovner’s description of the problem FISA presents for challenging the truthfulness of FISA warrant materials.

Here’s how he describes Posner’s obnoxious assumption of the District Court job to actually determine whether defense review is necessary.

But rather than accept—or at least sympathize with—Judge Coleman’s efforts to square a circle, Judge Posner derided them by suggesting that the government has a right to keep these materials secret, repeatedly criticizing calls (one is left to wonder from where) for “openness.” “Not only is federal judicial procedure not always adversarial,” Posner wrote; “it is not always fully public.” This is true, but entirely beside the point; Judge Coleman wasn’t seeking to open the proceedings; she was seeking to provide security-cleared defense counsel (who, just like everyone else, are subject to the Espionage Act) with access to classified information.

[snip]

But far more troubling than these (gratuitous) rhetorical flourishes is the last part of Judge Posner’s opinion, which doesn’t just conclude that disclosure to Daoud’s defense counsel in this case is unnecessary under § 1806(f)—the step the Court of Appeals criticized Judge Coleman for skipping—but then goes on to resolve Daoud’s Franks motion on the merits. Thus, the majority concluded that “our study of the materials convinces us that the investigation did not violate FISA,” even though the district court hadn’t even gotten that far.

In other words, in a case in which the whole question is how judges should decide whether they need adversarial participation in order to properly resolve a FISA-based Franks motion, Judge Posner’s answer is, in effect, “don’t worry about it; we judges can handle this without any help.” With all due respect to one of the brightest and most gifted appellate judges in the country, how does he (or his colleagues) know that? Indeed, I thought one of the most significant revelations from the FISA-related disclosures of the past year is that, in fact, judges won’t always get these issues right without the benefit of adversarial presentation and argument.

What’s especially odd about Posner’s opinion, however, is his own understanding of the process he himself used to determine this warrant was legal.

Remember that at the original review of this case, Posner and his colleagues had an unannounced secret hearing to review the warrant, attended by a goodly chunk of the US Attorney’s office. After that, the Court issued an order requiring even more information from the government.

Asking for additional information is legal. Under FISA a reviewing (District) Judge can consult “such other materials relating to the surveillance as may be necessary to determine whether the surveillance of the aggrieved person was lawfully authorized.” But the fact that the Circuit had to go back for even more information, after having seen all the materials Coleman reviewed, suggests the question was not as easy as Posner suggests.

And Posner wants us to believe his assumption of the role of the District Judge is a benefit to Daoud. He does so, first, in his bizarre rant about secrecy, when he emphasizes the times when secrecy benefit defendants. Then he goes further when dismissing Daoud’s lawyers objection to the secret hearing.

Their objecting to the classified hearing was ironic. The purpose of the hearing was to explore, by questioning the government’s lawyer on the basis of the classified materials, the need for defense access to those materials (which the judges and their cleared staffs had read). In effect this was cross-examination of the government, and could only help the defendant.

Only it wasn’t. It was an opportunity for the government to get a second bite at the ex parte apple, which by itself apparently wasn’t even sufficient to address questions about the application.

As Vladeck laid out, Rovner wrote a concurrence in which she acknowledged the failure of FISA to provide defendants with the ability to challenge the case against them.

But that’s not the direction our judiciary is going. On the contrary, it is embracing more and more secret procedures, all in an effort to hide what the government is really doing in its countereterrorism efforts.

Share this entry

The Black Holes in USA Freedumber’s Inspector General Reports

/3 Comments/in /by

I’m still working on understanding all the crud that is included in the USA Freedumber Act. And for the first time, I have looked really closely at the language on Inspector General Reports, which effectively modifies Section 106 of the 2005 PATRIOT Act Reauthorization. Not only does the language add a DOJ IG Report roughly parallel to the ones mandated for the years through 2006 for 2012 through 2014, but it adds an Intelligence Community IG Report for those 3 years.

I’ve long noted that that seems to leave 2010 and 2011 unexamined. That might be covered in the IG report Pat Leahy requested of the Intelligence Committee IG, Charles McCullough, though the dates are different and McCullough said he didn’t really have the time. So 2010 and 2011 may or may not currently being reviewed; they’re not required to be by the bill, however.

But upon closer review I’m just as interested in some holes the two reports will likely have, in combination.

What I realized when I reviewed the actual language, below, is that USA Freedumber is exploiting the fact that Section 215 was originally written exclusively for the FBI, even if the NSA and CIA and probably a bunch of other agencies are using it too (they’re doing this with minimization procedures elsewhere in the bill, too). Thus, they can leave language that applies specifically to FBI, and pretend that it applies to other agencies.

In practice, that leaves the DOJ IG to investigate general things about Section 215 use, including:

  • any noteworthy facts or circumstances relating to orders under such section, including any improper or illegal use of the authority provided under such section; and

  • the categories of records obtained and the importance of the information acquired to the intelligence activities of the Federal Bureau of Investigation or any other Department or agency of the Federal Government;

So long as FBI retains a role in the application process, it will have access to and can review the categories of records obtained, which is critical because this is one of the ways Congress will learn what those categories are.

But only the DOJ IG assesses whether Section 215 is adhering to law (as opposed to protecting Americanas’ constitutional rights). At one level, I’d much rather have DOJ IG perform this review, because we’ve never seen anything out of the IC IG resembling real oversight. Plus, under Glenn Fine, DOJ’s IG did point to real legal problems with the dragnet (which DOJ largely refused to fix, but which may have led to addition FISC opinions on those subjects). But I have questions whether DOJ’s IG would get enough visibility into what NSA and CIA and other agencies are doing with this data to perform a real review of the legality of it.

Then there are some somewhat parallel things both DOJ’s and IC’s IG would review, including:

  • the importance (IC IG) or effectiveness (DOJ IG) of Section 215

  • the manner in which that information was collected, retained, analyzed, and disseminated by the intelligence community;

  • the minimization procedures used by elements of the intelligence community under such title and whether the minimization procedures adequately protect the constitutional rights of United States persons; and

  • any minimization procedures proposed by an element of the intelligence community under such title that were modified or denied by the FISC

These are all well and good, and there’s the possibility that an IC IG review of how NSA analyzes and disseminates Section 215 data would find any of the most concerning potential practices.

I find the last two things DOJ’s IG would review at FBI but not even at DEA (if DEA uses Section 215), and which the IC IG would not review at all, the most telling.

  • whether, and how often, the Federal Bureau of Investigation used information acquired pursuant to an order under section 501 of such Act to produce an analytical intelligence product for distribution within the Federal Bureau of Investigation, to the intelligence community or to other Federal, State, local, or tribal government Departments, agencies, or instrumentalities; and
  • whether, and how often, the Federal Bureau of Investigation provided such information to law enforcement authorities for use in criminal proceedings

That is, the DOJ IG reports on how often the FBI uses Section 215 for finished intelligence products and how often it serves supports criminal proceedings. But it doesn’t track how often NSA uses Section 215 for finished intelligence products, nor does it track how often NSA uses Section 215 to investigate an American further.

The latter fact — that NSA isn’t counting how many Americans its targets because of Section 215 derived information — is not all that surprising. NSA has worked hard to obscure how many Americans have been sucked up in its analytical maw. Still, if we were serious about providing some transparency to the corporate store — where anyone 2 or 3 degrees from a RAS approved selector can get dumped and subjected to all of NSA’s analytical tradecraft forever — we’d require the IC IG to count this number, too.

And the fact that no one asks NSA and CIA how many finished intelligence reports they’re generating out of Section 215 is problematic both because it doesn’t identify how often NSA and CIA are sharing intelligence with FBI or National Counterterrorism Center or other agencies like DEA (which was one of the big problems with both the phone and Internet dragnet in 2009-10). But it also makes it harder for Congress to get a real understanding of how effective these tools are.

You can’t judge the efficacy of something you don’t measure.

To understand how important this is, consider the discussions about the phone dragnet we’ve had since last year. Everything has been measured in terms of reporting to FBI, which not only doesn’t disclose how many people are stuck in NSA’s maw, but to outsiders made the program look totally useless. We still don’t know precisely how the government is using the phone dragnet, because the data they’ve shared to describe its efficacy is probably not the most significant way it is used.

It seems the intelligence community would like to keep it that way. Read more

Share this entry

Post Snowden: The Government Doubles Down on Hard Power

/14 Comments/in , /by

I was asked to participate in a CATO debate about where we are a year post Snowden. My contribution to that debate — in which I argue any big drama going forward will come from the newly adversarial relationship between Google and the NSA —  is here.

As part of that, I argued that the government made a choice after Snowden: to double down on hard power over soft power.

The conflict between Google and its home country embodies another trend that has accelerated since the start of the Snowden leaks. As the President of the Computer & Communications Industry Association, Edward Black, testified before the Senate last year, the disclosure of NSA overreach did not just damage some of America’s most successful companies, it also undermined the key role the Internet plays in America’s soft power projection around the world: as the leader in Internet governance, and as the forum for open speech and exchange once associated so positively with the United States.

The U.S. response to Snowden’s leaks has, to a significant degree, been to double down on hard power, on the imperative to “collect it all” and the insistence that the best cyberdefense is an aggressive cyberoffense. While President Obama paid lip service to stopping short of spying “because we can,” the Executive Branch has refused to do anything – especially legislatively – that would impose real controls on the surveillance system that undergirds raw power.

And that will likely bring additional costs, not just to America’s economic position in the world, but in the need to invest in programs to maintain that raw power advantage. Particularly given the paltry results the NSA has to show for its domestic phone dragnet – the single Somali taxi driver donating to al-Shabaab that Sanchez described. It’s not clear that the additional costs from doubling down on hard power bring the United States any greater security.

Because I was writing this essay, that’s largely where my mind has been as we debate getting re-involved in Iraq.

In the 3 or 4 wars we’ve waged in the Middle East/South Asia since 9/11 (counting Afghanistan, Iraq, Libya, and Syria), we’ve only managed to further destabilize the region. That was largely driven by a belligerence that goes well beyond our imperative to collect it all.

But I do think both the Snowden anniversary and the Iraq clusterfuck should focus far more energy on how we try to serve American interests through persuasion rather than bombs and dragnets.

Share this entry

Judge Will Review DOJ’s Withholding of More Section 215 Orders

/7 Comments/in /by

Citing the significant public interest and past overclassification, the judge in EFF’s side of the Section 215 FOIA has ordered DOJ to cough up 5 (actually, I believe it is 6) orders, so she can review them in camera to see whether the government should release them.

The orders — with my speculation about what they are — are:

FISC opinion dated 8/20/2008 (6 pages)

I wrote about this opinion here. Two days before the order, the government submitted information on how it correlates different phone selectors for further chaining, which leads me to believe that’s the topic of the opinion. The government doesn’t want to release it because it is still using this “method,” which leads me to believe it would offer some insight on what it means that the automatic queries approved in 2012 and the connection-based chaining envisioned under the reformed program.

(2) FISC order dated 10/31/2006 (19 pages);

I believe this is actually two orders, one of 15 and one of 4 pages. If these pertain to the phone dragnet, one might pertain to compensation, another might either deal with violations the program was already experiencing (the next primary order imposed new regular reviews).

But it’s just as likely that these orders approve bulk collection for something else — perhaps financial records, for example.

(5) FISC orders dated 12/16/2005 (16 pages)
(3) FISC orders dated 2/17/2006 (17 pages)
(4) FISC orders dated 2/24/2006 (8 pages)

Given the timing (I’ve retained Judge Yvonne Gonzales Rogers’ numbering but adjusted order to match timing), I suspect these deal with the illegal wiretapping program. After all the first of these three orders was approved the day after the program was disclosed, during the period when PATRIOT Authority was extended after an true extension was filibustered.

Mind you, these are not supposed to deal with bulk collection. It may be they dealt with extending existing programs, providing feedback about what would not be acceptable bulk collection, or simply smaller orders affecting the most important part of the production.

As a reminder, there are 3 other known dragnet orders — from during the period when FISC was working through the violations in 2009 — the government didn’t even disclose to EFF. I wrote about those here.

Share this entry

Mike Rogers Says Google Must Lose Its Quarter to Save a Rickety Bank

/13 Comments/in , /by

Screen shot 2014-06-12 at 10.03.25 PMJosh Gerstein already wrote about some of this Mike Rogers blather. But I wanted to transcribe the whole thing to display how utterly full of shit he is.

At a conference at Georgetown the other day, (see video 3), Rogers laid into the tech companies for opposing USA Freedumber, which he badly misrepresented just before this. The context of European opportunism beings at 1:06, the quote begins after 1:08.

We should be very mad at Google, and Microsoft, and Facebook, because they’re doing a very interesting, and I think, very dangerous thing. They’ve come out and said, “well, we oppose this new FISA bill because it doesn’t go far enough.” When you peel that onion back a little bit, and why are you doing this, this is a good bill, it’s safe, bipartisan, it’s rational, it meets all the requirements for Fourth Amendment protection, privacy protection, and allowing the system to work,

Rogers claims they’re doing so solely because they’re afraid to lose European business. And Rogers — a Republican! — is furious that corporations prioritize their profits (note, Rogers has never complained that some of these same companies use European tax shelters to cheat the tax man).

And they say, “well, we have to do this because we have to make sure we don’t lose our European business.” I don’t know about the rest of you, that offends me from the word, “European business.” Think about what they’re doing. They’re willing, in their minds, to justify the importance of their next quarter’s earnings in Europe, versus the National Security of the United States. Everybody on those boards should be embarrassed, and their CEOs should be embarrassed, and their stockholders should be embarrassed.That one quarter cannot be worth the National Security of the United States for the next 10 generations. And if we don’t get this part turned around very quickly, it will likely get a little ugly, and that emotional piece that we got by is going to be right back in the center of the room to no good advantage to our ability to protect the United States.

Mostly, he seems pissed because he knows the collective weight of the tech companies may give those of us trying to defeat USA Freedumber a fighting chance, which is what Rogers considers an emotional place because Democracy.

But Rogers’ rant gets truly bizarre later in the same video (after 1:23) where he explains what the security interest is:

We have one particular financial institution that clears, somewhere about $7 trillion dollars in global financial transactions every single day. Imagine if tomorrow that place gets in there and through an attack of which we know does exist, the potential does exist where the information is destroyed and manipulated, now you don’t know who owes what money, some of that may have lost transactions completely forever, imagine what that does to the economy, $7 trillion. Gone — right? Gone. It’s that serious.

Mind you, Rogers appears unaware that a banks shuffling of money — while an incredibly ripe target for hackers — does not really contribute to the American economy. This kind of daily volume is churn that only the very very rich benefit from. And one big reason it’s a target is because it is an inherently fragile thing.

To make all this even more hysterical, Rogers talks about risk driving insurance driving proper defensive measures from the target companies … yet he seems not to apply those rules to banks.

Mike Rogers, it seems, would rather kill Google’s business than permit this rickety vitality killing bank to feel the full brunt of the risk of its own business model.

Share this entry

Did the Government Invent Terrorist Threats Out of Adel Daoud’s Term Paper?

/12 Comments/in /by

I’m just now getting around to listening to the Mulligan hearing in Adel Daoud’s hearing at the 7th Circuit on Monday which the panel held because the hearing held the previous Wednesday had not been taped.

The hearing (as opposed to Judge Richard Posner’s long digression about why they were having the Mulligan) started with Judge Ilana Rovner focusing on whether a defendant caught by FISA could ever take a Franks challenge to a FISA warrant — basically, a claim that the government relied on false information in an affidavit supporting a warrant. Posner, too, seemed focused on this, asking Prosecutor William Ridgway whether a case (this case?) could be sustained even in the face of a Franks challenge. (Ridgway said it could, but of course he would say that, because the Circuit can only sustain a review here if it would be significant enough to exonerate Daoud.)

And all that took place against the background of Posner claiming, at least, that the ex parte hearing last week was held to benefit his client, which suggests (as does the request for more information from the government) that the Circuit may be more skeptical of the warrant than Posner let on last week (or perhaps Posner got more skeptical after the hearing).

Daoud’s attorney, Thomas Durkin, tried to bring it back to the larger issues raising questions in this case, including the fact that Dianne Feinstein had suggested Daoud had been caught using Section 702 of FISA.

 

But ultimately, Posner showed most interest when Durkin talked about Daoud’s mosque school term paper on Osama bin Laden.

Durkin: We do know and we did tell the judge this that this 18 year old kid had to do a term paper for — he went to the mosque school, and he had to do a term paper. He decided to do a term paper on Osama bin Laden. We know he had contacts, therefore, with Inspire magazine and reasons why the NSA may have picked him up. That could be just deliberate First Amendment Activity. Nothing more, nothing less. We don’t know that. We don’t know whether there’s something in that affidavit that says — we’ve tried to rule out all kinds of First Amendment activity and we can’t find anybody. We should be permitted to see that.

Posner: Are you trying to say the government investigated him because of school paper he wrote?

Durkin: I don’t know. It could be.

Posner: No, but that’s your suspicion, right?

Durkin: That is my suspicion.

As I explained before, the investigation into Daoud started on May 10, 2012 in response to an unsolicited referral that claimed Daoud had said he’d use the instructions in Inspire to launch an attack. But neither that claim nor a subsequent claim based on an undercover officer shows the language Daoud used. The one time the FBI quoted Daoud in its summary, the FBI seemed to overstate the tie between Inspire and Daoud’s plans to hurt the US.

Thus, the evidence may well support the claim that the FBI — and whoever referred Daoud in the first place — overstated what Daoud had actually said about Inspire. Which, if that’s what they used to get a FISA warrant (and it appears likely it is), ought to be a good basis to claim they lied to get that FISA warrant.

That may not be enough to sustain Sharon Coleman’s decision Daoud should get a review of the warrant (though I suppose it’s possible the 7th could just decide to throw out the warrant). Plus, even then you might have to prove that everything that came after — including the alleged threats to a FBI agent — was entrapment.

But it seems like the 7th Circuit may be fairly critical of what they saw in that FISA warrant.

Share this entry

USA Freedumber Reverses John Bates’ Attempts at Oversight

/4 Comments/in /by

I’ve written about this here and here, but I’m going to make one more effort at explaining why I believe HR 3361 (AKA USA Freedumber Act) will undo the paltry efforts John Bates made to rein in the NSA.

My argument is that with section 202 of HR 3361, the government is creating something new — Attorney General created “privacy procedures” — that serve to dramatically alter the concept of minimization procedures and in doing so undermining the authority of the FISA Court to limit illegal activities.

The government and NSA’s boosters have long argued that minimization procedures — limits on the collection, retention, and dissemination of US person data — play an affirmative role in protecting US person privacy even while the government “collects it all.” Significantly, they point the the FISA Court’s role in reviewing minimization procedures as a key part of oversight of these massive dragnets.

But they’ve always played a funny game with minimization procedures on the legally most problematic part of their dragnet, the Internet dragnet. And a last minute change to HR 3361 seems to codify that funny game.

Unlike the FISA authorization for content in motion, stored communication, and business record collection, the Pen Register/Trap and Trace provision (50 USC 1842) they used to collect Internet metadata collection includes no provision for minimization procedures. The original USA Freedom Act and the compromise bill added minimization procedures and gave FISC judges the authority to review compliance with them. But at the last minute, the intelligence community replaced that provision with “Privacy Procedures” over which only the Attorney General has sole authority.

SEC. 202. PRIVACY PROCEDURES.

(a) IN GENERAL.—Section 402 (50 U.S.C. 1842) is amended by adding at the end the following new sub-section:

‘(h) The Attorney General shall ensure that appropriate policies and procedures are in place to safeguard nonpublicly available information concerning United States persons that is collected through the use of a pen register or trap and trace device installed under this section. Such policies and procedures shall, to the maximum extent practicable and consistent with the need to protect national security, include protections for the collection, retention, and use of information concerning United States persons.

Given the history of the PR/TT program, I believe this may (and may be designed to) permit the ongoing acquisition of illegal content.

DOJ argues FISC may only rubber stamp

Before we look at the history of minimization procedures under the FISC-authorized Internet dragnet, understand that even as the government asked the FISC to rubber stamp one of the only parts of the illegal wiretapping program DOJ saw fit to shut down, it also argued that FISC’s authority to do was very limited.

In Colleen Kollar-Kotelly’s July 2004 opinion, she made clear the government believed she could only review the presence of language in the application, not whether it complied with the law, including the “relevance” provision.

In the Government’s view, the Court’s exclusive function regarding this certification would be to verify that it contains the words required by § 1842(c)(2); the basis for a properly worded certification would be of no judicial concern. See Memorandum of Law and Fact at 28-34.

The Court has reviewed the Government’s arguments and authorities and does not find them persuasive.19

19 For example, the Government cites legislative history that “Congress intended to ‘authorize[] FISA judges to issue a pen register or trap and trace upon a certification that the information sought is relevant to'” an FBI investigation. Memorandum of Law and Fact at 30 (quoting S. Rep. No. 105-185, at 27 (1998). However, authorizing the Court to issue an order when a certification is made, and requiring it to do so without resolving doubts about the correctness of the certification are quite different. (26-27)

Six years later, the government was still arguing the FISC could only serve as a rubber stamp. John Bates’ 2010 opinion again had to deal with such a claim.

The Government again argues that the Court should conduct no substantive review of the certification of relevance. See Memorandum of Law at 29. This opinion follows Judge Kollar-Kotelly’s [redacted] Opinion in assuming, without conclusively deciding, that substantive review is warranted. (73 fn 58)

The government’s review that the FISC is no more than a rubber stamp is particularly interesting given the discussion over minimization procedures.

The government invites rubber stamp judges to modify minimization procedures 

Even in spite of DOJ’s view that the FISC should be no more than a rubber stamp on PRTT applications, they nevertheless invited the judges to review and modify minimization procedures submitted in light of the extent of the collection being approved.

Read more

Share this entry

Use the Cantor Shellacking to Reverse Course on USA Freedumber

/11 Comments/in /by

Eric Cantor, who famously held up earthquake relief to his own district on Paygo rules, got his ass handed to him last night by Tea Party candidate Dave Brat.

And while my impression is Cantor lost because of that kind of disdain for his constituents, it is in fact the case that 1) Cantor was a key player in watering down and then passing the USA Freedumber Act and 2) Brat campaigned on an anti-surveillance platform. Which means pundits are already reading Cantor’s defeat as a loss for the NSA.

But it’s only a loss if it leads to the defeat of USA Freedumber, one of the last bills Cantor shepherded through the House before his shellacking.

So I think the privacy community should use it as an opportunity to do what it should have done as soon as USA Freedumb got watered down into USA Freedumber: loudly declare that Jim Sensenbrenner reneged on the deal made in the USA Freedumb Act and that the legislative effort needs to be reset.

I say that because right now the privacy community has lost all its leverage in this process by not loudly coming out against USA Freedumber after Cantor watered it down, by not rallying the privacy community on solid principles. Sure, doing so doesn’t help in the House, where significant damage has already been done. But doing so may be one of the few things that would restore the credibility of the institutional players and restore some kind of unity to the effort.

Share this entry