Leak Investigations Archives - Page 44 of 60

DOJ’s Reaffirmation of Journalist NSLs and the Undiebomb 2.0 and StuxNet Investigations

February 24, 2014/1 Comment/in Leak Investigations /by emptywheel

Given Friday’s news that DOJ’s “new” media guidelines continue to permit FBI to use National Security Letters to obtain journalists’ contact information, I’d like to return to the apparent results of two major leak investigations, those into the UndieBomb 2.0 and StuxNet leaks.

In the former case, the DOJ claims it had no idea that Donald Sachtleben served as a source for Matt Apuzzo and Adam Goldman’s story on UndieBomb 2.0 and no means to get a warrant for a computer they already had in their possession until — months into the investigation — they subpoenaed the phone records for 20 AP lines.

The entire premise of the FBI narrative is that they exercised greater care with a kiddie porn accusee they had dead to rights than they did the 100 or so AP reporters who got sucked up in their overbroad dragnet. They would have you believe that, even after seizing a CD holding a November 2, 2006 SECRET CIA intelligence report at Sachtleben’s house in May 2012 pursuant to a kiddie porn warrant (which they have not produced in the docket), they just sat on his devicesfor almost a year until they obtained the phone records for 20 AP phone lines, in a seizure far more intrusive into journalism than any recent known subpoena.

Sachtleben was identified as a suspect in the case of this unauthorized disclosure only after toll records for phone numbers related to the reporter were obtained through a subpoena and compared to other evidence collected during the leak investigation. This allowed investigators to obtain a search warrant authorizing a more exhaustive search of Sachtleben’s cell phone, computer, and other electronic media, which were in the possession of federal investigators due to the child pornography investigation.

(I may be mistaken, but I don’t think the FBI made this claim in any court document, so I assume it is bullshit, especially since they had had to do extensive forensic searches of Sachtleben’s computer and he had already signed a plea deal forfeiting it.)

In addition, DOJ would have you believe that Sachtleben, who could not have been the most important source for this leak, was the AP’s only source. At his sentencing, he pointed out correctly that’s not true.

“I was neither the sole nor the original source of information to ‘Reporter A’ about the suicide bomb,” Sachtleben said in a statement sent by his law firm. “The information I shared with Reporter A merely confirmed what he already believed to be true. Any implication that I was the direct source of a serious leak is an exaggeration.”

And the transcript of John Brennan’s teleconference to guide this leak makes it clear that the AP had far more information than they published, Sachtleben leaks all appeared in the story. So there obviously were far more sensitive sources DOJ chose not to prosecute.

They got their kiddie porn scapegoat, and their public explanation of how and why they obtained the phone records implicating 100 AP journalists. Which presumably had the additional advantage of making it clear to all Apuzzo and Goldman’s potential sources that DOJ is willing to go after them.

Compare all that to the StuxNet investigation. Reports last year identified Retired General James Cartwright as the suspect in the case.

But, said legal sources, while the probe that Attorney General Eric Holder ordered initially focused on whether the information came from inside the White House, by late last year FBI agents were zeroing in on Cartwright, who had served as one of the president’s “inner circle” of national security advisors.

The investigation focused on Cartwright in spite of evidence the White House was closely involved in the book (though not necessarily involved in leaking the details that particularly angered DC insiders, which may have been the that Israel permitted the virus to escape).

And all this happened — FBI was able to rule out the White House’s sources but still confirm Cartwright’s role — without subpoenaing NYT phone records.

Two sources said prosecutors were able to identify Cartwright as a suspected leaker without resorting to a secret subpoena of the phone records of New York Times reporters.

As it happens, Cartwright was only stripped of his clearance, not charged; there will be no court case in which the government has to show how it collected its evidence against Cartwright.

Of course, it would be a lot easier to pick and choose which sources to prosecute if you can secretly identify, using National Security Letters, those sources before actually obtaining journalist records in a way that requires public notice, as the AP subpoena eventually did. And then, at such time as you do want to make that public, you can get the subpoena showing the evidence you’ve already obtained via NSL.

In addition to being a threat to press freedoms, the explicit use of NSLs to obtain journalist contacts permits the government even more arbitrary power than the record of these two cases show it exercises.

Using NSLs allows DOJ to engage in selective leak prosecutions without that being immediately obvious.

Handy things, these NSLs.

DOJ Will Continue to Use NSLs to Get Journalist Contacts

For years, I have been harping on the language in FBI’s Domestic Investigations and Operations Guide that permits DOJ to get journalists’ contact information using NSLs because — given that they are not warrants — they need no Attorney General review.

A heavily-redacted section (PDF 166) suggests that in investigations with a national security nexus (so international terrorism or espionage, as many leak cases have been treated) DOJ need not comply with existing restrictions requiring Attorney General approval before getting the phone records of a journalist. The reason? Because NSLs aren’t subpoenas, and that restriction only applies to subpoenas.

Department of Justice policy with regard to the issuances of subpoenas for telephone toll records of members of the news media is found at 28 C.F.R. § 50.10. The regulation concerns only grand jury subpoenas, not National Security Letters (NSLs) or administrative subpoenas. (The regulation requires Attorney General approval prior to the issuance of a grand jury subpoena for telephone toll records of a member of the news media, and when such a subpoena is issued, notice must be given to the news media either before or soon after such records are obtained.) The following approval requirements and specific procedures apply for the issuance of an NSL for telephone toll records of members of the news media or news organizations. [my emphasis]

So DOJ can use NSLs–with no court oversight–to get journalists’ call (and email) records rather than actually getting a subpoena.

The section includes four different approval requirement scenarios for issuing such NSLs, almost all of which are redacted. Though one only partly redacted passage makes it clear there are some circumstances where the approval process is the same as for anyone else DOJ wants to get an NSL on:

If the NSL is seeking telephone toll records of an individual who is a member of the news media or news organization [2 lines redacted] there are no additional approval requirements other than those set out in DIOG Section 18.6.6.1.3 [half line redacted]

And the section on NSL use (see PDF 100) makes it clear that a long list of people can approve such NSLs:

Deputy Director

Executive Assistant Director

Associate EAD for the National Security Branch

Assistant Directors and all DADs for CT/CD/Cyber

General Counsel

Deputy General Counsel for the National Security Law Branch

Assistant Directors in Charge in NY, Washington Field Office, and LA

All Special Agents in Charge

In other words, while DOJ does seem to offer members of the news media–which is itself a somewhat limited group–some protection from subpoena, it also seems to include loopholes for precisely the kinds of cases, like leaks, where source protection is so important.

See also this post, where I tried to write it really plainly.

Then, last year, after it got caught obtaining the call records of some Pulitzer Prize winners, DOJ pretended to roll out new protections for journalists.

Charlie Savage reports that DOJ has just rolled out the final version of those great new protections.

Here’s the last paragraph of his report on the “new guidelines.”

The rules cover grand jury subpoenas used in criminal investigations. They exempt wiretap and search warrants obtained under the Foreign Intelligence Surveillance Act and “national security letters,” a kind of administrative subpoena used to obtain records about communications in terrorism and counterespionage investigations.

Which makes these “new guidelines” worth approximately shit in any leak — that is, counterintelligence — investigation.

GAP, POGO, Experience Break-Ins

February 21, 2014/5 Comments/in Leak Investigations /by emptywheel

Jeff Stein has a troubling scoop that both the Government Accountability Project and POGO have been burgled — POGO in recent weeks and GAP several years ago.

The POGO break-in seems of lesser concern, because they don’t appear to have taken anything — though Stein notes that POGO was involved in releasing the DOD IG Report that revealed CIA’s close ties to Zero Dark Thirty (and, because some dirty fucking hippie pointed it out, that William McRaven ordered Osama bin Laden photos “destroyed immediately” when Judicial Watch FOIAed them).

POGO is also relentless in its documentation of the waste of the F-35 program.

The GAP break-in occurred back in January 2011.

In the Jan. 6, 2011 incident, the burglars seemed interested in just a few of the computers among the dozen or so in the office. Of the six stolen, two belonged to GAP’s national security attorneys, and one to its legal director, according to GAP President Louis Clark. No culprits have been arrested.

Jesselyn Radack, the director of GAP’s National Security and Human Rights Program, is a legal adviser to Snowden.

This was the period when the WikiLeaks investigation was heating up, as was the Jeffrey Sterling prosecution. Several months later, Thomas Drake would get his plea deal.

In addition, in recent months, someone has been trying to deal GAP classified documents.

In the months since the group’s association with the fugitive leaker began, Clark said, “We have had a highly suspicious person twice try to give us so-called ‘classified’ documents.” Because the group is not a news organization, accepting classified documents could leave it open to prosecution.

It’s not surprising that weird stuff is happening to Raddack’s organization as she assist Snowden. But this does seem like a setup.

Troubling.

Update: Via Twitter Radack made it clear the break in to GAP was during the Thomas Drake case.

Friday News Dump Not Dead Yet: Stephen Kim Guilty Plea

February 7, 2014/13 Comments/in Bush Administration, Department of Justice, Law, Leak Investigations, Obama Administration, Press and Media, Terrorism, Unitary Executive /by bmaz

Just when Kevin Drum declared the “Friday News Dump” dead, comes proof news of said death was greatly exaggerated.

As Josh Gerstein and others have reported, the plea will be entered this afternoon:

Under the terms of the agreement, Kim will plead guilty to a single felony count of disclosing classified information to Rosen in June 2009, and serve a 13-month prison sentence. Judge Colleen Kollar-Kotelly would have to accept the sentence or reject it outright?, in which case Kim could withdraw his plea. Kim would also be on supervised release for a year, but would pay no fine.

Judge Kollar-Kotelly is expected to accept the guilty plea at today’s hearing, but will not impose a sentence until sometime later.

Well, that is kind of a big deal dropped out of nowhere on a Friday afternoon.

As you may recall, this is the infamous case where the Obama/Holder DOJ was caught classifying a journalist, James Rosen of Fox News, as an “aider and abettor” of espionage. As the Washington Post reported, the scurrilous allegation was clear as day in a formal warrant application filed as an official court document:

“I believe there is probable cause to conclude that the contents of the wire and electronic communications pertaining to the SUBJECT ACCOUNT [the gmail account of Mr. Rosen] are evidence, fruits and instrumentalities of criminal violations of 18 U.S.C. 793 (Unauthorized Disclosure of National Defense Information), and that there is probable cause to believe that the Reporter has committed or is committing a violation of section 793(d), as an aider and abettor and/or co-conspirator, to which the materials relate,” wrote FBI agent Reginald B. Reyes in a May 28, 2010 application for a search warrant.

The search warrant was issued in the course of an investigation into a suspected leak of classified information allegedly committed by Stephen Jin-Woo Kim, a former State Department contractor, who was indicted in August 2010.

The Reyes affidavit all but eliminates the traditional distinction in classified leak investigations between sources, who are bound by a non-disclosure agreement, and reporters, who are protected by the First Amendment as long as they do not commit a crime.

[snip]

As evidence of Mr. Rosen’s purported culpability, the Reyes affidavit notes that Rosen and Kim used aliases in their communications (Kim was “Leo” and Rosen was “Alex”) and in other ways sought to maintain confidentiality.

“From the beginning of their relationship, the Reporter asked, solicited and encouraged Mr. Kim to disclose sensitive United States internal documents and intelligence information…. The Reporter did so by employing flattery and playing to Mr. Kim’s vanity and ego.”

“Much like an intelligence officer would run an [sic] clandestine intelligence source, the Reporter instructed Mr. Kim on a covert communications plan… to facilitate communication with Mr. Kim and perhaps other sources of information.”

Of course, the fully justifiable uproar over the Rosen treatment by DOJ eventually led to “new guidelines”, being issued by the DOJ. The new guidelines are certainly a half step in the right direction, but wholly unsatisfactory for the breadth and scope of the current Administration’s attack on the American free press.

But now the case undergirding the discussion in the Stephen Kim case will be shut down, and the questions that could play out in an actual trial quashed. All nice and tidy!

Frankly, I have mixed emotions about the reported Kim plea itself. It is, all in all, a pretty good deal for Kim and his attorney, the great Abbe Lowell. The case is done, bad precedent does not get etched into a jury verdict and appeal, and the nightmare has an end in sight for the defendant, Stephen Kim. All things considered, given the seriousness of the espionage and false statement charges in the indictment, 13 months is a good outcome. And it is not a horrible sentence to have as a yardstick for other leakers (were I Ed Snowden and Ben Wizner, I would like this result). By the same token, the damage done by the ridiculous antics and conduct of the DOJ in getting to this point is palpable. It will leave a stain that won’t, and shouldn’t, go away.

That still leaves the matter of Jeffrey Sterling, and reporter James Risen, though. Whither DOJ on that? And it is an important question since the much ballyhooed and vaunted “New Media Policies” announced by DOJ left wide open the ability to force Risen (and others that may some day be similarly situated) to testify about his sources of face jail for contempt.

What Michael Flynn’s DIA Imputes to Facts We Know

January 22, 2014/16 Comments/in FISA, Intelligence, Leak Investigations /by emptywheel

Before I point to reasons why we should exercise some caution before we believe a DIA report claiming that Edward Snowden’s entire leak was orchestrated by the Russians, let me lay out the following.

First. until such time as we see evidence that the reported documents somehow inordinately benefit Russia (and/or see evidence that our cooperation with Russia isn’t increasing during the period of Snowden’s asylum there), I’m not much interested in the question. I’m still so busy — both between Snowden document reports and documents declassified in response to FOIAs in a false show of transparency — reading about programs Americans should have known, that I don’t have time or interest in this manufactured sideshow.

Second, I don’t know what Snowden’s relationship with Russia is (and suspect 99% of the people commenting don’t either). The claims Mike Rogers, in particular, made on Sunday are full of Clown Show logic problems, some of which Snowden debunked in a limited rebuttal in an interview with Jane Mayer. Some accusers and defenders are conflating what happened while Snowden was working at NSA and what happened after Snowden got stuck in Moscow. All that said, while we have no evidence of cooperation now, I fully expect Vlaidimir Putin tried all he could to get as much out of Snowden as he could.

I don’t know.

What I do know is that DIA under General Michael Flynn’s leadership seems to be developing a pattern of leaking sensational intelligence conclusions based on apparently bad logic at politically opportune moments.

The accusations against Snowden are from a DIA report that DIA’s Director, Michael Flynn, organized.

The Defense Department report was conducted by the Defense Intelligence Agency in coordination with other intelligence agencies across the government, according to two sources familiar with its findings. A spokesperson for the DIA said Lt. Gen. Michael Flynn, the agency’s director, organized a task force “to assess the potential impact to the Department of Defense from the compromise of this information.” But the spokesman did not say what, if any, conclusions the task force had reached about actual damage caused by documents Snowden took, regardless of whether they’ve been disclosed or not.

Admittedly, the conclusions of it got leaked with apparent White House permission. But it got leaked in the worst manner of Obama Administration asymmetric leaking, which have a history of being rather partial and politically self-serving.

Moreover, the entire orchestrated leak feels a lot like the “leak” last year — during heightened tensions between North and South Korea — of DIA’s conclusion that North Korea had the capability of launching a nuclear weapon on a ballistic missile. Republican Congressman Doug Lamborn, protected by Speech and Debate, revealed a detail that “accidentally” wasn’t redacted in a larger declassified finding. The “leak” fed a lot of fearmongering even as the Obama Administration was trying to temper responses.

A week after the initial leak, James Clapper and Flynn happened to testify before the Senate Armed Services Committee (the entire clip is worthwhile, but the particularly important parts start after 4:00). And in response to some Ted Cruz questions about North Korea, both Clapper and Flynn made it clear that the reason DIA had come to different conclusions than the rest of the Intelligence Community was because of the assumptions it had made. This inflammatory finding arose because of “a difference in how we judge assumptions,” Flynn explained. Clapper (who had spent a week trying to batten down the alarmism) said the debate arose from the “facts we know versus what we impute to those facts.”

That is, DIA had imputed conclusions to facts other agencies hadn’t.

According to its Director, DIA has a difference in how it judges assumptions from other intelligence agencies. And in this case, those who have read the DIA report appear to be repeating allegations remarkably divorced from any evidence, relying on wacky theories rather than real evidence.

Michael Flynn seems to be making a habit of this kind of analysis.

Obama Approves Releasing Classified Information to Attack Snowden for Leaking Classified Information

January 9, 2014/15 Comments/in FISA, Leak Investigations /by emptywheel

Kudos to Shane Harris who, unlike a number of other reporters, brought the appropriate skepticism to Mike Rogers and Dutch Ruppersberger’s attempt to fearmonger Edward Snowden’s leaks. Not only did Harris use the correct verb tense — “could” as opposed to “has” — to describe documents describing the activities of the Armed Services that have not yet been released (and note, implicitly Rogers and Rupp are saying the risk is to forces in the field but not within the domestic US). But he repeatedly noted Rogers and Rupp’s complete failure to provide any evidence:

But the lawmakers — who are working in coordination with the Obama administration and are trying to counter the narrative that Snowden is a heroic whistleblower — offered no specific examples to substantiate their claims.

[snip]

The lawmakers cited no articles or specific documents to support that claim.

[snip]

But the spokesman did not say what, if any, conclusions the task force had reached about actual damage caused by documents Snowden took, regardless of whether they’ve been disclosed or not.

My favorite part of Harris’ piece, however, is the way he makes clear that Rogers and Rupp are selectively releasing classified information — with the Administration’s approval — to complain about Snowden releasing classified information.

A congressional staffer who is familiar with the report’s findings said that the lawmakers chose to make some of its contents public in order to counter what they see as a false impression of Snowden as a principled whistleblower who disclosed abuses of power.

“Snowden has been made out by some people to be a hero. What we need to do is really look at the effect of his leaks and see that what he’s done is really harm our country and put citizens at risk. The purpose [of releasing some findings] is to clear the record and show that he’s not a hero,” the staffer told Foreign Policy.

The staffer said that the administration approved the information that the lawmakers disclosed in advance.

Because some leaky pigs are more equal than other leaky pigs.

The Civil Liberties Celebration Hangover Wears Off

December 23, 2013/16 Comments/in Congress, Cybersecurity, Department of Justice, FISA, Intelligence, Law, Leak Investigations, Obama Administration, state secrets, Unitary Executive /by bmaz

At the end of last week, I joked a little about privacy and civil liberties advocates having had the “best week ever”. It was indeed a very good week, but only relatively compared to the near constant assault on the same by the government. But the con is being put back in ICon by the Administration and its mouthpieces.

As I noted in the same post, Obama himself has already thrown cold water on the promise of his NSA Review Board report. Contrary to some, I saw quite a few positives in the report and thought it much stronger than I ever expected. Still, that certainly does not mean it was, or is, the particularly strong reform that is needed. And even the measures and discussion it did contain are worthless without sincerity and dedication to buy into them by the intelligence community and the administration. But if Obama on Friday was the harbinger of the walkback and whitewash of real reform, the foot soldiers are taking the field now to prove the point.

Sunday morning brought out former CIA Deputy Director Michael Morrell on CBS Face the Nation to say this:

I think that is a perception that’s somehow out there. It is not focused on any single American. It is not reading the content of your phone calls or my phone calls or anybody else’s phone calls. It is focused on this metadata for one purpose only and that is to make sure that foreign terrorists aren’t in contact with anybody in the United States.

Morrell also stated that there was “no abuse” by the NSA and that Ed Snowden was a “criminal” who has shirked his duties as a “patriot” by running. Now Mike Morrell is not just some voice out in the intelligence community, he was one of the supposedly hallowed voices that Barack Obama chose to consider “reform”.

Which ought to tell you quite a bit about what Barack Obama really thinks about true reform and your privacy interests. Not much. In fact, Morrell suggested (and Obama almost certainly agrees) that the collection dragnet should be expanded from telephony to also include email. Not exactly the kind of “reform” we had in mind.

Then, Sunday night 60 Minutes showed that fluffing the security state is not just a vice, but an ingrained habit for them. Hot on the heels of their John Miller blowjob on the NSA, last night 60 Minutes opened with a completely hagiographic puff piece on and with National Security Advisor Susan Rice. There was absolutely no news whatsoever in the segment, it was entirely a forum for Rice and her “interviewer”, Lesley Stahl, to spew unsupported allegations about Edward Snowden (He “has 1.5 million documents!”), lie about how the DOJ has interacted with the court system regarding the government surveillance programs (the only false statements have been “inadvertent”) and rehab her image from the Benghazi!! debacle. That was really it. Not exactly the hard hitting journalism you would hope for on the heels of a federal judge declaring a piece of the heart of the surveillance state unconstitutional.

Oh, yes, Susan Rice also proudly proclaimed herself “a pragmatist like Henry Kissinger which, as Tim Shorrock correctly pointed out, is not exactly reassuring from the administration of a Democratic President interested in civil liberties, privacy and the rule of law.

So, the whitewashing of surveillance dragnet reform is in full swing, let the giddiness of last week give way to the understanding that Barack Obama, and the Intelligence Community, have no intention whatsoever of “reforming”. In fact, they will use the illusion of “reform” to expand their authorities and power. Jonathan Turley noted:

Obama stacked the task force on NSA surveillance with hawks to guarantee the preservation of the program.

Not just preserve, but to give the false, nee fraudulent, patina of Obama Administration concern for the privacy and civil liberties concerns of the American citizenry when, in fact, the Administration has none. It is yet another con.

Or, as Glenn Greenwald noted:

The key to the WH panel: its stated purpose was to re-establish public confidence in NSA – NOT reform it.

There may be some moving of the pea beneath the shells, but there will be no meaningful reform from the administration of Barack Obama. The vehicle for reform, if there is to be one at all, will have to come from the Article III federal courts. for an overview of the path of Judge Leon’s decision in Klayman through the DC circuit, see this piece by NLJ’s Zoe Tillman.

Lastly, to give just a little hope after the above distressing content, I recommend a read of this excellent article by Adam Serwer at MSNBC on the cagy pump priming for surveillance reform Justice Sotomayor has done at the Supreme Court:

If Edward Snowden gave federal courts the means to declare the National Security Agency’s data-gathering unconstitutional, Sonia Sotomayor showed them how.

It was Sotomayor’s lonely concurrence in U.S. v Jones, a case involving warrantless use of a GPS tracker on a suspect’s car, that the George W. Bush-appointed Judge Richard Leon relied on when he ruled that the program was likely unconstitutional last week. It was that same concurrence the White House appointed review board on surveillance policy cited when it concluded government surveillance should be scaled back.

“It may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties,” Sotomayor wrote in 2012. “This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks.”

Give the entire article a read, Adam is spot on. If there is to be reform on the surveillance dragnet, it will almost certainly have to be the handiwork of the courts, and Justice Sotomayor planted the seed. The constant barrage of truth and facts coming from the Snowden materials, what Jay Rosen rightfully terms “The Snowden Effect” is providing the food for Sotomayor’s seed to flower. Hopefully.

Truth Claims, Malaprops, Cows, and the NSA Debate

November 18, 2013/67 Comments/in FISA, Leak Investigations /by emptywheel

I was obviously unexcited about the way last night’s Chiefs-Broncos game went because I made the perhaps ill-advised decision to point out an obvious error in this post from former NSA analyst John Schindler.

He was trying to make a legitimate point — that some of the coverage of the Snowden leaks has conflated total Top Secret/SCI clearance holders with the number of people cleared into the compartments of the documents he took.

As The Guardian has taken center stage in the Snowden drama, serving as the English-language conduit of choice for publishing classified information about the National Security Agency and its partners that was stolen by Edward Snowden, it’s taken heat from the British government about its possibly illegal activities.

As a dodge, Guardian editors have taken to throwing around the “no big deal” excuse because, they claim, 850,000 people in the US, UK, and partner governments had access to this stuff. It was simply Ed, one in an (almost) million, who did the dirty deed. For one of the many iterations of this nonsense see here.

Yet nonsense it is. It plays on the fact the US and Allied governments have given out a lot of high-level clearances in recent years. But it requires a bit of explanation to understand the details – and why The Guardian is lying.

Everybody at NSA – whether military, civilian, or contractor – holds an active TOP SECRET (TS) security clearance with Sensitive Compartmented Information (SCI) access. That’s what it takes to get in the door at NSA.

[snip]

But TS/SCI is just the basic level of clearance at NSA and its partner and Allied agencies. Above that there exist many kinds of caveats and special programs that go (or have gone) by weird names such as GAMMA, VRK (Very Restricted Knowledge), and ECI (Exceptionally Controlled Information). Across DoD they have similar SAPs (Special Access Programs). The bottom line is that nobody at NSA sees “everything.” The entire system is in fact designed to prevent any one person from seeing everything.

The problem, however, is that Schindler made the same kind of stupid error he was accusing the Guardian of. I’ve copied the text above, including the link, as it was first posted and as it remained when I went to bed last night. At both of those times, the link went to this article, which actually didn’t make the claim he said it did (after the several hour exchange we had, he did finally change the link to this letter).

The agencies were supposed to be “selective in which contractors are given exposure to this information”, but it was ultimately seen by Snowden, one of 850,000 people in the US with top-secret clearance.

That is, to prove his case that the Guardian was lying, Schindler originally linked to an article showing the Guardian not making that claim (note, I have no idea what the 850,000 number actually refers to, but the total of TS security clearance holders was 1.4 million this time last year, but that would not include the Brits who had access).

So I asked (tweets are in reverse order),

His immediate response was to accuse me of willful cluelessness. He insisted it was a lie and that I was unable to see what normal people see because I was so lit phd.

it’s a LIE – which you would know if you actually knew anything about NSA & intel. Less lit PhD, more cryptology – #protip

your inability to see what’s clear to normal people is so lit-PhD-cliche it’s terrifying.

He came up with something that was closer to the claim he made, though still not what he accused the Guardian of (though also, I believe, erroneous), but did not change the original erroneous link yet.

The Guardian understands that a total of 850,000 NSA employees and US private contractors with top secret clearance had access to GCHQ databases.

In the middle of it all, he tweeted his “stock phrase,” “This gets easier when you stop lying.”

When I was in #NSA CI I had a stock phrase: “This gets easier when you stop lying.” Now I’m saying it to The Guardian

And then it kept going and going and going, punctuated by the troubling comment above and the comedic relief of former Tory MP Louise Mensch coming in to tell me I should respect his expertise and then proceeded to lecture me that “cow” is not a verb (~~I think she has since deleted these tweets~~ they’re there–I just couldn’t find them) and on what a malaprop isn’t.

While we were all laughing heartily, Schindler added an update and in that update linked to this article, which quoted former Lord Chancellor Falconer making the claim, but did not include such a claim from the Guardian.

Falconer, who also said he deprecated attempts to portray the Guardian as an “enemy of the state”, pointed out that 850,000 people had access to the files leaked by the US whistleblower Edward Snowden.

Falconer, a close ally of Tony Blair who served as lord chancellor from 2003-07, told the Guardian: “I am aware that the three heads of the agencies said what has been published has set back the fight against terrorism for years. Sir John Sawers [the chief of MI6] said al-Qaida would be rubbing their hands with glee. This is in the context of maybe 850,000 people literally having access to this material.”

But still, hours after I first — in what I thought was a fairly polite comment — informed him his link didn’t prove what he said it did.

Several hours into the process, Daveed Garenstein-Ross found several more examples, some of which made the 850K claim, some which didn’t.

Through this entire discussion, I didn’t dispute that Schindler could find an example nor the point of the post — that nowhere near 850K people were cleared for these compartments. I just felt that if Schindler were going to aggressively accuse Guardian of lying, his links ought to back his claims. (See below for the range of other links bandied about last night.)

To me, it served as a metaphor for the larger debate on the NSA, akin to the refusal in some quarters to consider the lies of one’s own side. I suggested Schindler fix an easily fixed error. It took him hours and heaps of insults before he did, before he would hold himself to the same standard he was holding the Guardian to.

Errors happen. Lies do too. All sides have committed both, though clearly the security services seem to be capitalizing on their information asymmetry to try to ensure maximal disinformation and confusion.

But there are still truth claims to be made, with the expectation of evidence. Or there should be. Read more →

Time to Investigate John Brennan and Those Air Marshals Again

November 15, 2013/2 Comments/in Leak Investigations /by emptywheel

Back in September I noted that the entire narrative of the guilty plea from Donald Sachtleben presented the false impression that he was the first, only, or most dangerous leaker about the UndieBomb 2.0.

But, as bmaz emphasized in his post on Donald Sachtleben’s plea agreement, there’s no hint of prosecuting Brennan, who leaked Top Secret details about the British/Saudi double agent into AQAP, even while they’re imprisoning Donald Sachtleben, who is only accused of leaking details he knew to be Secret.

[snip]

They would also have you believe the AP had no inkling of the UndieBomb plot until ABC reported inflammatory claims about cavity bombs on April 30, 2012, even in spite of ABC’s reference to TSA head John Pistole’s earlier fear-mongering about it and in spite of additional reporting about broad Air Marshall mobilization.

That was nonsensical on its face.

But it is something that Sachtleben went out of his way to make clear at his sentencing yesterday.

“I was neither the sole nor the original source of information to ‘Reporter A’ about the suicide bomb,” Sachtleben said in a statement sent by his law firm. “The information I shared with Reporter A merely confirmed what he already believed to be true. Any implication that I was the direct source of a serious leak is an exaggeration.”

Ah well. Eric Holder has his head, and DOJ doesn’t have to prosecute the CIA Director now.

Lavabit and The Definition of US Government Hubris

November 13, 2013/8 Comments/in Congress, Culture, Cybersecurity, Department of Justice, FISA, Fuckstickery, Galactic Stupidity, Ideas and Ideology, Intelligence, Law, Leak Investigations, Obama Administration, PATRIOT, Terrorism, Unitary Executive /by bmaz

Graphic by Darth

Well, you know, if you do not WANT the United States Government sniffing in your and your family’s underwear, it is YOUR fault. Silly American citizens with your outdated stupid piece of paper you call the Constitution.

Really, get out if you are a citizen, or an American communication provider, that actually respects American citizen’s rights. These trivialities the American ethos was founded on are “no longer operative” in the minds of the surveillance officers who claim to live to protect us.

Do not even think about trying to protect your private communications with something so anti-American as privacy enabling encryption like Lavabit which only weakly, at best, even deigned to supply.

Any encryption that is capable of protecting an American citizen’s private communication (or even participating in the TOR network) is essentially inherently criminal and cause for potentially being designated a “selector“, if not target, of any number of searches, whether domestically controlled by the one sided ex-parte FISA Court, or hidden under Executive Order 12333, or done under foreign collection status and deemed “incidental”. Lavabit’s Ladar Levinson knows.

Which brings us to where we are today. Let Josh Gerstein set the stage:

A former e-mail provider for National Security Agency leaker Edward Snowden, Lavabit LLC, filed a legal brief Thursday detailing the firm’s offers to provide information about what appear to have been Snowden’s communications as part of a last-ditch offer that prosecutors rejected as inadequate.

The disagreement detailed in a brief filed Thursday with the U.S. Court of Appeals for the Fourth Circuit resulted in Lavabit turning over its encryption keys to the federal government and then shutting down the firm’s secure e-mail service altogether after viewing it as unacceptably tainted by the FBI’s possession of the keys.

I have a different take on the key language from Lavabit’s argument in their appellate brief though, here is mine:

First, the government is bereft of any statutory authority to command the production of Lavabit’s private keys. The Pen Register Statute requires only that a company provide the government with technical assistance in the installation of a pen- trap device; providing encryption keys does not aid in the device’s installation at all, but rather in its use. Moreover, providing private keys is not “unobtrusive,” as the statute requires, and results in interference with Lavabit’s services, which the statute forbids. Nor does the Stored Communications Act authorize the government to seize a company’s private keys. It permits seizure of the contents of an electronic communication (which private keys are not), or information pertaining to a subscriber (which private keys are also, by definition, not). And at any rate it does not authorize the government to impose undue burdens on the innocent target business, which the government’s course of conduct here surely did.

Second, the Fourth Amendment independently prohibited what the government did here. The Fourth Amendment requires a warrant to be founded on probable cause that a search will uncover fruits, instrumentalities, or evidence of a crime. But Lavabit’s private keys are none of those things: they are lawful to possess and use, they were known only to Lavabit and never used by the company to commit a crime, and they do not prove that any crime occurred. In addition, the government’s proposal to examine the correspondence of all of Lavabit’s customers as it searched for information about its target was both beyond the scope of the probable cause it demonstrated and inconsistent with the Fourth Amendment’s particularity requirement, and it completely undermines Lavabit’s lawful business model. General rummaging through all of an innocent business’ communications with all of its customers is at the very core of what the Fourth Amendment prohibits.

The legal niceties of Lavabit’s arguments are thus:

The Pen Register Statute does not come close. An anodyne mandate to provide information needed merely for the “unobtrusive installation” of a device will not do. If there is any doubt, this Court should construe the statute in light of the serious constitutional concerns discussed below, to give effect to the “principle of constitutional avoidance” that requires this Court to avoid constructions of statutes that raise colorable constitutional difficulties. Norfolk S. Ry. Co. v. City of Alexandria, 608 F.3d 150, 156–57 (4th Cir. 2010).

And, later in the pleading:

By those lights, this is a very easy case. Lavabit’s private keys are not connected with criminal activity in the slightest—the government has never accused Lavabit of being a co-conspirator, for example. The target of the government’s investigation never had access to those private keys. Nor did anyone, in fact, other than Lavabit. Given that Lavabit is not suspected or accused of any crime, it is quite impossible for information known only to Lavabit to be evidence that a crime has occurred. The government will not introduce Lavabit’s private keys in its case against its target, and it will not use Lavabit’s private keys to impeach its target at trial. Lavabit’s private keys are not the fruit of any crime, and no one has ever used them to commit any crime. Under those circumstances, absent any connection between the private keys and a crime, the “conclusion[] necessary to the issuance of the warrant” was totally absent. Zurcher, 436 U.S., at 557 n.6 (quoting, with approval, Comment, 28 U. Chi. L. Rev. 664, 687 (1961)).

What this boils down to is, essentially, the government thinks the keys to Lavabit’s encryption for their customers belong not just to Lavabit, and their respective customers, but to the United States government itself.

Your private information cannot be private in the face of the United States Government. Not just Edward Snowden, but anybody, and everybody, is theirs if they want it. That is the definition of bullshit.

[Okay, big thanks to Darth, who generously agreed to let us use the killer Strangelovian graphic above. Please follow Darth on Twitter]