Will Gary Peters Help Mitch McConnell Expand Illegal Surveillance?

A year ago, Michigan Senator Gary Peters voted with 302 of his House colleagues for that version of USA Freedom Act (the incarnation I called USA Freedumb). He voted for a badly flawed bill (perhaps looking forward to his Senate campaign), but he did vote for a smushy compromise to get the government out of the business of holding all Americans’ phone records.

Also about a year ago, Peters voted for the Massie-Lofgren Amendment which would have defunded back door searches of data collected under Section 702. It was an easy vote; there was little chance then Senate Appropriations Committee Chair Barb Mikulski would have let that remain in the Defense Appropriations.

But Peters at least pretended he cared about abusive surveillance.

This week, however, Peters claims to be uncertain about whether he will support a short-term extension of sunsetting PATRIOT Act authorities. His office twice did not respond to a request for clarification on this front.

Let me be very clear: supporting Mitch McConnell’s short-term extension serves just one purpose: To make the already weak reform, USA F-ReDux worse. Peters’ claimed uncertainty about what he will do just enables McConnell’s stunt to expose innocent Americans to more spying.

If, like me, you’re a Peters constituent, please call his office and urge him to hold the line on the already weak USA F-ReDux. (202) 224-6221

 

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Mitch McConnell Prepares to Reject a 6-Month Window to Set Up Dragnet Replacement

The surveillance hawks are out feeding the propaganda machine.

First there’s Eli Lake claiming that, if Congress were to pass legislation newly immunizing and compensating providers to conduct two-hop spying on Americans, most of whom would be innocent, it would amount to “tak[ing] back some of the extraordinary powers it granted to the executive branch [by…] revok[ing] the NSA’s authority to collect telephone records in bulk.” The implication is that Congress affirmatively granted the NSA that authority.

Of course, that’s not what happened. First, the Bush Administration secretly assumed that authority as it rolled out Stellar Wind, without even fully informing Congress about it or considering the legal implications of collecting Internet metadata via telecom switches. Years later, DOJ found that part of the program unlawful. When DOJ asked the FISA Court to approve that collection — well, in truth, it didn’t ask; DOJ told the court it “shall” authorize the collection under the terms of the Pen Register statute — it specifically refused to go to Congress to get it approved. “Government cannot pursue that route because seeking legislation would inevitably compromise the secrecy of the collection program the Government wishes to undertake,” the government’s application claimed.

It took years after getting a secret court to rubber stamp, twice (in the second instance, without even writing an opinion to explain how the Section 215 statute dictating relevance might be deemed to mean all) these new dragnet collections before the Executive briefed the full Intelligence Committees, and the Executive didn’t share the materials on the program until obligated to do so by the FISA Amendments Act. Though well into 2010, the Executive was withholding documents mandated under FAA for disclosure to the oversight committees. The Executive did provide short, in some ways misleading, summaries to be shared with Congress before they reauthorized the PATRIOT Act. But not only weren’t those summaries made easily available to members, in 2011, Mike Rogers didn’t pass it on, ensuring that a sufficient number of Congressmen to make the difference in the vote could not be informed. And the briefings held instead were affirmatively misleading.

This is what Eli Lake considers Congress “granting the executive branch authority to collect[] telephone records in bulk,” which is where he gets the claim that in shifting the program to providers it would be taking away an authority.

For all its other faults and, at times, outright inaccuracies, Lake accidentally reveals the problem with Mitch McConnell’s logic calling for a 2-month reauthorization.

Opponents of the bill raise one technical concern: The legislation gives the NSA 180 days to build a new computer architecture for querying the phone company databases. It’s a tricky matter. Phone companies store the records of only their customers, whereas the NSA stored all of these records in one database.

Even Representative Adam Schiff, the ranking Democrat on the House Intelligence Committee and a supporter of the bill to curb bulk collection, acknowledged this could be a problem. Speaking to reporters Tuesday at a breakfast sponsored by the Christian Science Monitor, Schiff said: “I think if we reach an impasse on the authority sunsets, then the NSA will have some responsibility for that breach. I have been urging the NSA for quite some time now to begin the process for developing the process to take data from different providers so they can talk to each other.”

If USA F-ReDux were to pass tomorrow, NSA would have 6 months to set up the replacement (though as Schiff notes, they could have been implementing the new plan for months). Continue reading

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

GOP Brought in Guy Who Authorized Dragnet to Talk Dragnets

I’m far more alarmed by this tidbit in the latest report on the fight over USA F-ReDux than many who are commenting on it.

McConnell’s presser came following Senate lunches, during which former Attorney General Michael Mukasey, who served under George W. Bush, briefed Republicans on the importance of the surveillance authorities. While defending the NSA’s phone-records dragnet, Mukasey did say a recent federal appeals court deeming the program illegal could complicate McConnell’s efforts to renew the Patriot Act without changes, given the legal uncertainty that could result, according to two senators present.

“He did recommend some acknowledgment of the decision so that it is addressed in the legislation,” Sen. John Hoeven, a North Dakota Republican, said.

The Republicans sat down to talk about dragnet surveillance and they brought in Michael Mukasey, who not only presided over the expansion of Stellar Wind in the form of FISA Amendments Act, but authorized SPCMA after some previous DOJ officials appear to have refused to.

SPCMA, you’ll recall, is the authority to contact chain on US-person metadata collected under EO 12333 that current FBI General Counsel James Baker refused to authorize in an earlier position at DOJ in 2006 but which Mukasey signed in early 2008 (and DOJ then promptly hid from FISC as it was considering whether the contact chaining that provided particularly under PRISM was constitutionally sound). The actual authorization for it languished for several months, half-signed, before Mukasey signed it in the early part of his tenure as Attorney General.

There is reason to believe SPCMA — that is, Internet data collected overseas, in addition to telephone metadata — is where a lot of the Internet chaining currently occurs, with almost none of the controls (or subject limitations) that existed under the PATRIOT-Authorized Internet dragnet. There is also reason to believe that USA F-ReDux envisions the government federating queries of metadata collected under its new Call Detail Record function with SPCMA data. Finally, I suspect that the Second Circuit decision on Section 215 may have repercussions for SPCMA as well.

In other words, I find it fairly alarming that GOP brought in Michael Mukasey and his advice was to make a nod to the Second Circuit even while talking about why the authorities — plural — were important.

Which is to say I don’t think his acknowledgment that Courts are Courts is very comforting, given that he appears to recommend sustaining existing “surveillance authorities” in current bulk form.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

USA F-ReDux Is Non-Exclusive, but the Second Circuit Might Be

I’m still trying to figure out WTF Mitch McConnell is doing with his Senate machinations over USA F-ReDux. Currently, he has both his short-term reauthorization and USA F-ReDux prepped for a vote, which probably means he’ll bring USA F-ReDux up for cloture or a vote, show that it doesn’t have enough support, and then use that to scaremonger the short-term reauthorization through as a way to wring more concessions out of the House.

Still, given what a dead-ender he is on a bill, USA F-ReDux, that gives the Intelligence Community so many goodies, I can’t help but wonder if there’s another explanation for his intransigence. I can think of one other possibility.

The House Judiciary Committee made it clear USA F-ReDux would be the exclusive means to obtain prospective Call Detail Records under Section 215:

This new mechanism is the only circumstance in which Congress contemplates the prospective, ongoing use of Section 501 of FISA in this manner.

But it made it equally clear it is not the exclusive means to obtain Call Detail Records. That’s because the report envisions conducting federated queries including “metadata [the government] already lawfully possess.”

The government may require the production of up to two ‘‘hops’’—i.e., the call detail records associated with the initial seed telephone number and call detail records (CDRs) associated with the CDRs identified in an initial ‘‘hop.’’ Subparagraph (F)(iii) provides that the government can obtain the first set of CDRs using the specific selection term approved by the FISC. In addition, the government can use the FISC-approved specific selection term to identify CDRs from metadata it already lawfully possesses. Together, the CDRs produced by the phone companies and those identified independently by the government constitute the first ‘‘hop.’’

I suggested here that that other “lawfully possessed metadata” probably consisted of data collected under EO 12333 (and permissible for chaining on US persons under SPCMA) and PRISM metadata.

But maybe that’s not all it includes. Maybe, the government has devise a way by which AT&T (or some other backbone provider) will still provide phone records in bulk on a daily basis? Maybe — as Richard Burr claimed before he later unclaimed — the government secretly maintains an IP dragnet under some other authority?

If that was the plan (though keep in mind, USA F-ReDux passed the House after the Second Circuit decision), then the Second Circuit may have ruined that effort. The ruling should limit all collection under a “relevant to” standard, not just that conducted under Section 215. And, as Faiza Patel argued, the decision should also affect collection where the government has dodged Fourth Amendment issues by focusing on “searches” rather than “seizures.”

[A]s Jennifer Daskal explained last Friday, “collection matters.” The Second Circuit rejected the government’s contention that there was no cognizable injury until plaintiffs’ phone records were actually analyzed and reviewed. It ruled that collection is properly analyzed as “seizure,” which if unlawful constitutes a separate injury from the “search” that takes place when records are analyzed either by a human being or a computer.

As the Supreme Court has recognized, in Fourth Amendment cases the analysis of standing is intertwined with the merits question of whether there has been an invasion of a protected privacy interest. Thus, the Second Circuit’s position on collection could have serious implications for other government programs beyond the standing question.

I’ve already suggested the decision might create problems for the virgin birth DOJ secretly gave to EO 12333 data used in SPCMA.

But who knows what else it applies to?

After all, USA F-ReDux was written so as to allow other dragnets (which is what EO 12333 is, after all). But the Second Circuit may pose problems for such dragnets that USA F-ReDux did not.

Going back to Richard Burr’s odd colloquy — which his office’s excuses simply cannot rationally explain — I think it (very remotely) possible the government is dragnetting IP addresses (perhaps for cybersecurity rather than counterterrorism purposes), but worries it has lost authority to do so with the Second Circuit decision. If so, it might be using this fight over counterterrorism data collection to lay congressional support for broader dragnet collection, to be able to sustain whatever other dragnets it has in place.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Fifty Shades of Fake University Degrees

On Sunday, Declan Walsh delivered a blockbuster report on the vast network of fake univeristies, diplomas for purchase and high-pressure upsales of “validation” credentials for fraudulently purchased diplomas. Remarkably, the company in which these activities were housed, Axact, with headquarters in Karachi and offices throughout Pakistan, had enjoyed a role as a prominent software company billing itself as Pakistan’s biggest software success story. Despite the massive amount of evidence compiled by Walsh and the Times, Axact initially pushed back hard, trying to threaten the Times with legal action and even going after a local Pakistani blog that merely accumulated amusing Tweets relating to the story.

Today, authorities in Pakistan took decisive action, with as many as 45 Axact employees arrested and the seizure of computer equipment and files:

According to Express News, employees were evacuated from the software company’s head office in Islamabad. Further, around 45 employees were rounded up, including HR and PR managers, to be taken to FIA headquarters.

The arrested Axact employees were shifted to FIA’s cyber-crime wing office.

The seven-member FIA team also seized hard disks, computers, other electronic equipment and documents belonging to the IT firm. The bags and mobile phones of department heads in Islamabad have also been seized.

/snip/

The FIA also raided Axact’s call center in Rawalpindi and seized voice call and other devices. Axact’s regional director Colonel (retd) Jamil has been taken into custody.

With “university” names like Columbiana and Barkley, the cynicism of Axact’s scam is breathtaking. But once I started thinking about it, I realized that the new world of online degrees is a very cutthroat place with questionable marketing practices everywhere. Just right here in Gainesville, the University of Florida has raised many eyebrows with its decision this year to admit an extra 3000 students who would not otherwise be admitted and then inform them that they have to complete the first year of studies toward their degree online. But don’t worry, poor little online second class students, because at UF, even if you complete your entire degree online, your diploma won’t reflect that fact. Here’s the very first entry on the FAQ’s for UF online:

UF

It’s a highly competitive world for those online degrees, whether they come from fake diploma mills, for-profit “universities” or traditional universities being forced by backwards legislators to come up with online competition.

Call me old-fashioned, but my concept of a university education involves an actual university with libraries housing real books, laboratories where real experiments can take place, lecture halls where students and professors actually interact face to face and a shared site where a community moves about freely. Sure, fake diplomas from legitimate universities do get penned now and then, but the market for fakery has been enabled greatly by the rapid expansion of online “learning”.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Michael Hayden’s Masturbatory Claims of Dragnet Efficacy

In a bid to extend a dragnet that has proven useless in the function the Intelligence Community claims it serves, Mitch McConnell is claiming there are secret reasons we need to keep the dragnet.

It’s possible this is just a tactic, to gain leverage to make USA F-ReDux even worse.

It’s possible that McConnell just wants to retain the dragnet to identify people to coerce into becoming informants, the use the FBI has claimed for the dragnet that never got included in its more public assessments of value.

It’s possible McConnell wants to retain a dragnet — and finally expand it to include most Internet metadata — because he can (and all of our Five Eyes allies have done so in the wake of Snowden’s leaks).

But I want to submit another possibility, based on the Stellar Wind IG Report.

In its assessment of the Stellar Wind dragnet — the same section that notes that 1.2% of all tips made a “significant” contribution to finding terrorists (and that measure included deporting suspected terrorists and identifying potential informants, not just identifying actual terrorists) and Internet dragnet tips had made no contribution — the report explained Michael Hayden’s justification.

Hayden also observed that the enemy may not have been as embedded in the United States as much as feared but said that he believes Stellar Wind helped determine this.

[snip]

Other witnesses, such as General Hayden, said that the value of the program may lie in its ability to help the Intelligence Community determine that the terrorist threat embedded within the country is not as great as once feared. (PDF 647, 664)

Now, remember, to justify operating this program in defiance of the law (and to justify getting FISC to rubber stamp it in 2004 in defiance of common sense), John Brennan and his colleagues would routinely write a “scary memo” to establish that the threat of a terrorist attack on the US was so big that the government needed the program. Probably, they used Khalid Sheikh Mohammed’s claim that he had gotten a Briton to recruit non-existent black Muslims in Montana to start forest fires for the 3 months of 2003 that CIA believed that ruse. We know in 2004, the CIA drummed up fear of an election year plot — seeded by a fabricator and sustained through CIA’s use of torture — to sustain the initial Internet dragnet order.

The point is, for the entire life of the dragnet, the government justified it by talking about scary terrorists embedded in the US.

And then, when challenged in 2009 to explain the value of the dragnet, Hayden explained that it was useful because it proved those claims of scary terrorists embedded in the US turned out to be overblown.

The best Hayden can offer — after years of overseeing a dragnet — is that it proved the IC’s overblown claims in the first place were overblown.

Behind all this dragnettery, then, lies a great deal of masturbatory fear-mongering.

 

 

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Mike Morell’s Performance of “Intelligence”

Given that Bill Harlow co-wrote George Tenet and Jose Rodriguez’ autobiographical novels, it’s fairly clear he continues to propagandize for the CIA years after he left the Agency as Public Affairs officer. Still, his past autobiographical novels were perhaps more convincing than the roll out of Mike Morell’s autobiographical novel, The Great War of Our Time, which Harlow also co-wrote. That’s pretty remarkable given that Morell had more retained credibility than either of the other two. This propaganda tour actually seems to be eroding Morell’s credibility.

Part of the problem is interviews like this, where Morell says both that we should be “all in” with Saudi Arabia (an asinine judgement, in my opinion, perhaps betraying CIA’s close ties to the Saudis) and that we should support secular Bashar al-Assad, which is totally inconsistent with his first stance.

And he makes those two claims in an interview where he also claims that numbers on collateral damage tied to drone strikes are “propaganda.”

“The other thing I’ll say is that this is the most precise weapon in the U.S. arsenal.  Collateral damage is not zero — and gosh, I wish it were zero, but it’s not — but it’s very close to zero.

“Number three, the numbers that you see about huge numbers of collateral damage just aren’t true.  They are put out there as propaganda by people who want this program to go away, and al-Qaida is one of those groups.”

It’s a great display of Morell’s approach to lying.

First, most people don’t claim there are huge numbers of collateral damage. TBIJ — which is both one of the more partisan voices against drone strikes but which also does some of the most meticulous work tracking drone killing over years — shows that civilians amount for around 14%  of those killed (a lower number than some more hawkish counts). The number itself is not, as Morell depicts it, “huge.” But it is, nevertheless, a relatively large amount, one what brings with it a lot of blowback. And the numbers — which again, are similar to those tracked my multiple independent sources — are much higher than CIA publicly claims.

It is CIA, and not drone killing trackers, engaged in propaganda here.

Yet by refuting something his opponents hadn’t asserted, Morell gets to claim to have debunked it.

While I have no idea what part of Sy Hersh’s story on Osama bin Laden are true, Morell’s use of the same method to debunk Hersh suggests he’s engaged — at least partly — in non-denial denial.

Jeff Stein deals with one problem with Morell’s debunking. CIA’s former Deputy Director claims that if we had tipped the Pakistanis (who are dealt with as a monolith in Morell’s story) they would have told Osama bin Laden. Wouldn’t that require knowledge of where he was, and some ongoing interest in protecting him? If so, that actually confirms a key premise of Hersh’s (and other reporters’) stories.

Then there’s Morell’s debunking of the walk-in story.

He claims that we learned of bin Laden’s location not from following the courier and from excellent intelligence analysis, but from a Pakistani intelligence officer who walked into the U.S. Embassy and gave us bin Laden’s whereabouts in exchange for “much of the $25 million reward offered by the U.S.” The truth is that while walk-ins have long been useful in providing intelligence to us world-wide, none of the information that led to finding the location where bin Laden was came from walk-ins.

NBC has already confirmed that there was a walk-in — just that he wasn’t key to identifying OBL’s location.

Editor’s Note: This story has been updated since it was first published. The original version of this story said that a Pakistani asset told the U.S. where bin Laden was hiding. Sources say that while the asset provided information vital to the hunt for bin Laden, he was not the source of his whereabouts.

Morell’s statement is utterly consistent with NBC’s reporting.

Morell claims to debunk Hersh’s claim that CIA obtained DNA from OBL.

bin Laden was very ill, and that early on in his confinement at Abbottabad, the ISI had ordered Amir Aziz, a doctor and a major in the Pakistani army, to move nearby to provide treatment.

[snip]

The planners turned for help to Kayani and Pasha, who asked Aziz to obtain the specimens. Soon after the raid the press found out that Aziz had been living in a house near the bin Laden compound: local reporters discovered his name in Urdu on a plate on the door. Pakistani officials denied that Aziz had any connection to bin Laden, but the retired official told me that Aziz had been rewarded with a share of the $25 million reward the US had put up because the DNA sample had showed conclusively that it was bin Laden in Abbottabad.

But Morell focuses on obtaining DNA from the compound and from OBL’s children, not from OBL himself.

Mr. Hersh says we obtained DNA samples from people in the bin Laden compound before the assault was launched. Wrong again. We would have liked to have obtained samples from the children in the compound to confirm that they were bin Laden’s children, but we did not. [my emphasis]

And Morell claims Hersh’s claim that SEALs couldn’t have thrown OBL body parts out the helicopter over the Hindu Kush …

The remains, including his head, which had only a few bullet holes in it, were thrown into a body bag and, during the helicopter flight back to Jalalabad, some body parts were tossed out over the Hindu Kush mountains – or so the Seals claimed.

… Because he received a burial at sea.

Finally—and most absurdly perhaps—Mr. Hersh cites his sources as telling him that SEALs threw bin Laden body parts off their helicopter over the Hindu Kush and suggests that the burial at sea from the USS Carl Vinson never happened. Bin Laden’s body received a proper Muslim burial at sea. How do I know? I heard the president give the order, and I saw photographs and video of the burial at sea.

Now, to be fair, this is one claim from Hersh I’m most skeptical of (though I realize now the SEALs might have thrown some body parts out the helicopter to leave DNA evidence that OBL was killed there, which was the purported cover story). But Morell’s debunking is no such thing, because it is perfectly possible a shrouded corpse could be buried at sea even if it were missing some body parts. (I’ll also note that JSOC hid what I believe to be trophy photos after this story started breaking, which suggests the SEALs did something with the corpse that would cause problems if it were publicized, though I always assumed they just hammed it up.)

In other words, as Morell does for his drone propaganda, he usually doesn’t debunk what Hersh wrote, but instead something else.

Which is a suggestion that he’s engaged in another cover story.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

About those Brennan Lies about Working with Iran and Those Who Commit Atrocities

During the whole flap over Seymour Hersh’s reporting questioning the Osama bin Laden raid, I kept pointing to Ron Wyden’s comments to John Brennan about lies he told in March, probably at his Council on Foreign Relations speech.

I guessed that Brennan’s likely lies had to do with whether we partner with anyone who commits atrocities and whether Brennan has worked directly with Iranian Republican Guard leader Qasem Soleimani. And after Hersh’s report that we still have a dark site on Diego Garcia, I added Brennan’s claim we outsource all our interrogation to partners.

Keep those potential lies as you read Moon of Alabama’s guesses about why the Syrians announced this raid before the Americans did.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Joel Brenner Reveals David Addington’s Sources and Methods

Several people (including Dan Froomkin) have pointed to the speech former NSA Inspector General Joel Brenner gave at NSA today for the confirmation of what was pretty clear from the joint IG Report on Stellar Wind — that David Addington ran the program out of OVP.

The seed of the problem was planted shortly after 9/11, when the White House determined to undertake certain collection outside the FISA regime under a highly classified, but now mostly declassified, program called STELLAR WIND. That program was not SAP’ed, because the creation of a new special access program requires Congressional notification, but it was run directly by the Office of the Vice President and put under the direct personal control of the Vice President’s counsel, David Addington.

But there’s another detail I find more interesting (aside from Brenner’s note that parts of the program remain classified, which people often forget).

Stellar Wind was not SAP’ed, Joel Brenner (who was, at least according to the IG Report, not read in himself until far later than he makes out in his speech).

Because if it were SAP’ed — if it were made a Special Access Program — then Congress would have had to be notified.

I’m interested in that for two reasons.

First (and most prosically), the Executive was messing around with the classification of Stellar Wind at least until January 2009, when they appear to have been making last minute adjustments to gain advantage in the al-Haramain suit.

More interestingly, because the Executive claims Congress was notified (even in that IG Report, though interestingly enough, some accountings of Congressional briefings got redacted in the underlying reports). Joel Brenner is here suggesting that they weren’t, really. Which is consistent with the fact that the briefing Congress got on March 10, 2004 was different in substance than what they had gotten before then.

Finally, because there are questions about when and who made the torture program a SAP. It appears not to have happened until early 2003 (and some of CIA’s own briefing records suggest that’s when the first torture briefings were, notwithstanding the September 2002 briefings for the Gang of Four).

Brenner’s suggestion makes it likely (as if it weren’t already) that that decision, too, was driven by Addington.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

How the Second Circuit, FISC, and the Telecoms Might Respond to McConnell’s USA F-ReDux Gambit

Update: Jennifer Granick (who unlike me, is a lawyer) says telecoms will be subject to suit if they continue to comply with dragnet orders. 

Any company that breaches confidentiality except as required by law is liable for damages and attorneys’ fees under 47 U.S.C. 206. And there is a private right of action under 47 U.S.C. 207.

Note that there’s no good faith exception in the statute, no immunity for acting pursuant to court order. Rather, the company is liable unless it was required by law to disclose. So Verizon could face a FISC 215 dragnet order on one side and an order from the Southern District of New York enjoining the dragnet on the other. Is Verizon required by law to disclose in those circumstances? If not, the company could be liable. And did I mention the statute provides for attorneys’ fees?

Everything is different now than it was last week. Reauthorization won’t protect the telecoms from civil liability. It won’t enable the dragnet. As of last Thursday, the dragnet is dead, unless a phone company decides to put its shareholders’ money on the line to maintain its relationships with the intelligence community.

Last night, Mitch McConnell introduced a bill for a 2-month straight reauthorization of the expiring PATRIOT provisions as well as USA F-ReDux under a rule that bypasses Committee structure, meaning he will be able to bring that long-term straight reauthorization, that short term one, or USA F-ReDux to the floor next week.

Given that a short term reauthorization would present a scenario not envisioned in Gerard Lynch’s opinion ruling the Section 215 dragnet unlawful, it has elicited a lot of discussion about how the Second Circuit, FISC, and the telecoms might respond in case of a short term reauthorization. But these discussions are almost entirely divorced from some evidence at hand. So I’m going to lay out what we know about both past telecom and FISA Court behavior.

Because of the details I lay out below, I predict that so long as Congress looks like it is moving towards an alternative, both the telecoms and the FISC will continue the phone dragnet in the short term, and the Second Circuit won’t weigh in either.

The phone dragnet will continue for another six months even under USA F-ReDux

As I pointed out here, even if USA F-ReDux passed tomorrow, the phone dragnet would continue for another 6 months. That’s because the bill gives the government 180 days — two dragnet periods — to set up the new system.

(a) IN GENERAL.—The amendments made by sections 101 through 103 shall take effect on the date that is 180 days after the date of the enactment of this Act.

(b) RULE OF CONSTRUCTION.—Nothing in this Act shall be construed to alter or eliminate the authority of the Government to obtain an order under title V of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 24 1861 et seq.) as in effect prior to the effective date described in subsection (a) during the period ending on such effective date.

The Second Circuit took note of USA F-ReDux specifically in its order, so it would be hard to argue that it doesn’t agree Congress has the authority to provide time to put an alternative in place. Which probably means (even though I oppose Mitch’s short-term reauth in most scenarios) that the Second Circuit isn’t going to balk — short of the ACLU making a big stink — at a short term reauth for the purported purpose of better crafting a bill that reflects the intent of Congress. (Though the Second Circuit likely won’t look all that kindly on Mitch’s secret hearing the other day, which violates the standards of debate the Second Circuit laid out.)

Heck, the Second Circuit waited 8 months — and one failed reform effort — to lay out its concerns about the phone dragnet’s legality that were, in large part, fully formed opinions at least September’s hearing. The Second Circuit wants Congress to deal with this and they’re probably okay with Congress taking a few more months to do so.

FISC has already asked for briefing on any reauthorization

A number of commentators have also suggested that the Administration could just use the grandfather clause in the existing sunset to continue collection or might blow off the Appeals Court decision entirely.

But the FISC is not sitting dumbly by, oblivious to the debate before Congress and the Courts. As I laid out here, in his February dragnet order, James Boasberg required timely briefing from the government in each of 3 scenarios:

  • A ruling from an Appellate Court
  • Passage of USA F-ReDux introduces new issues of law that must be considered
  • A plan to continue production under the grandfather clause

And to be clear, the FISC has not issued such an order in any of the publicly released dragnet orders leading up to past reauthorizations, not even in advance of the 2009-2010 reauthorizations, which happened at a much more fraught time from the FISC’s perspective (because FISC had had to closely monitor the phone dragnet production for 6 months and actually shut down the Internet dragnet in fall 2009). The FISC clearly regards this PATRIOT sunset different than past ones and plans to at least make a show of considering the legal implications of it deliberately.

FISC does take notice of other courts

Of course, all that raises questions about whether FISC feels bound by the Second Circuit decision — because, of course, it has its very own appellate court (FISCR) which would be where any binding precedent would come from.

There was an interesting conversation on that topic last week between (in part) Office of Director of National Intelligence General Counsel Bob Litt and ACLU’s Patrick Toomey (who was part of the team that won the Second Circuit decision). That conversation largely concluded that FISC would probably not be bound by the Second Circuit, but Litt’s boss, James Clapper (one of the defendants in the suit) would be if the Second Circuit ever issued an injunction.

Sunlight Foundation’s Sean Vitka: Bob, I have like a jurisdictional question that I honestly don’t know the answer to. The Court of Appeals for the Second Circuit. They say that this is unlawful. Obviously there’s the opportunity to appeal to the Supreme Court. But, the FISA Court of Review is also an Appeals Court. Does the FISC have to listen to that opinion if it stands?

Bob Litt: Um, I’m probably not the right person to ask that. I think the answer is no. I don’t think the Second Circuit Court of Appeals has direct authority over the FISA Court. I don’t think it’s any different than a District Court in Idaho wouldn’t have to listen to the Second Circuit’s opinion. It would be something they would take into account. But I don’t think it’s binding upon them.

Vitka: Is there — Does that change at all given that the harms that the Second Circuit acknowledged are felt in that jurisdiction?

Litt: Again, I’m not an expert in appellate jurisdiction. I don’t think that’s relevant to the question of whether the Second Circuit has binding authority over a court that is not within the Second Circuit. I don’t know Patrick if you have a different view on that?

Third Way’s Mieke Eoyang: But the injunction would be, right? If they got to a point where they issued an injunction that would be binding…

Litt: It wouldn’t be binding on the FISA Court. It would be binding on the persons who received the —

Eoyong: On the program itself.

Patrick Toomey: The defendants in the case are the agency officials. And so an injunction issued by the Second Circuit would be directed at those officials.

But there is reason to believe — even beyond FISC’s request for briefing on this topic — that FISC will take notice of the Second Circuit’s decision, if not abide by any injunction it eventually issues.

That’s because, twice before, it has even taken notice of magistrate judge decisions.

The first known example came in the weeks before the March 2006 reauthorization of the PATRIOT Act would go into effect. During 2005, several magistrate judges had ruled that the government could not add a 2703(d) order to a pen register to obtain prospective cell site data along with other phone data. By all appearances, the government was doing the same with the equivalent FISA orders (this application of a “combined” Business Record and Pen Register order is redacted in the 2008 DOJ IG Report on Section 215, but contextually it’s fairly clear this is close to what happened). Those magistrate decisions became a problem when, in 2005, Congress limited Section 215 order production to that which could be obtained with a grand jury subpoena. Effectively, the magistrates had said you couldn’t get prospective cell site location with just a subpoena, which therefore would limit whether FBI could get cell site location with a Section 215 order.

While it is clear that FISC required briefing on this point, it’s not entirely clear what FISC’s response was. For a variety of reasons, it appears FISC stopped these combined application sometime in 2006 — the reauthorization went into effect in March 2006 — though not immediately (which suggests, in the interim, DOJ just found a new shell to put its location data collection under).

The other time FISC took notice of magistrate opinions pertained to Post Cut Through Dialed Digits (those are the things like pin and extension numbers you dial after your call or Internet connection has been established). From 2006 through 2009, some of the same magistrates ruled the government must set its pen register collection to avoid collecting PCTDD. By that point, FISC appears to have already ruled the government could collect that data, but would have to deal with it through minimization. But the FISC appears to have twice required the government to explain whether and how its minimization of PCTDD did not constitute the collection of content, though it appears that in each case, FISC permitted the government to go on collecting PCTDD under FISA pen registers. (Note, this is another ruling that may be affected by the Second Circuit’s focus on the seizure, not access, of data.)

In other words, even on issues not treating FISC decisions specifically, the FISC has historically taken notice of decisions made in courts that have no jurisdiction over its decisions (and in one case, FISC appears to have limited government production as a result). So it would be a pretty remarkable deviation from that past practice for FISC to completely blow off the Second Circuit decision, even if it may not feel bound by it.

Verizon responds to court orders, but in half-assed fashion

Finally, there’s the question of how the telecoms will react to the Second Circuit decision. And even there, we have some basis for prediction.

In January 2014, after receiving the Secondary Order issued in the wake of Judge Richard Leon’s decision in Klayman v. Obama that the dragnet was unconstitutional, Verizon made a somewhat half-assed challenge to the order.

Leon issued his decision December 16. Verizon did not ask the FISC for guidance (which makes sense because they are only permitted to challenge orders).

Verizon got a new Secondary Order after the January 3 reauthorization. It did not immediately challenge the order.

It only got around to doing so on January 22 (interestingly, a few days after ODNI exposed Verizon’s role in the phone dragnet a second time), and didn’t do several things — like asking for a hearing or challenging the legality of the dragnet under 50 USC 1861 as applied — that might reflect real concern about anything but the public appearance of legality. (Note, that timing is of particular interest, given that the very next day, on January 23, PCLOB would issue its report finding the dragnet did not adhere to Section 215 generally.)

Indeed, this challenge might not have generated a separate opinion if the government weren’t so boneheaded about secrecy.

Verizon’s petition is less a challenge of the program than an inquiry whether the FISC has considered Leon’s opinion.

It may well be the case that this Court, in issuing the January 3,2014 production order, has already considered and rejected the analysis contained in the Memorandum Order. [redacted] has not been provided with the Court’s underlying legal analysis, however, nor [redacted] been allowed access to such analysis previously, and the order [redacted] does not refer to any consideration given to Judge Leon’s Memorandum Opinion. In light of Judge Leon’s Opinion, it is appropriate [redacted] inquire directly of the Court into the legal basis for the January 3, 2014 production order,

As it turns out, Judge Thomas Hogan (who will take over the thankless presiding judge position from Reggie Walton next month) did consider Leon’s opinion in his January 3 order, as he noted in a footnote.

Screen Shot 2014-04-28 at 10.49.42 AM

And that’s about all the government said in its response to the petition (see paragraph 3): that Hogan considered it so the FISC should just affirm it.

Verizon didn’t know that Hogan had considered the opinion, of course, because it never gets Primary Orders (as it makes clear in its petition) and so is not permitted to know the legal logic behind the dragnet unless it asks nicely, which is all this amounted to at first.

Ultimately, Verizon asked to see proof that FISC had considered Leon’s decision. But it did not do any of the things people think might happen here — it did not immediately cease production, it did not itself challenge the legality of the dragnet, and it did not even ask for a hearing.

Verizon just wanted to make sure it was covered; it did not, apparently, show much concern about continued participation in it.

And this is somewhat consistent with the request for more information Sprint made in 2009.

So that’s what Verizon would do if it received another Secondary Order in the next few weeks. Until such time as the Second Circuit issues an injunction, I suspect Verizon would likely continue producing records, even though it might ask to see evidence that FISC had considered the Second Circuit ruling before issuing any new orders.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Emptywheel Twitterverse

bmaz RT @AP_NFL: AP sources: Tom Brady's appeal won't be heard by Wednesday deadline (@ap_robmaaddi) #NFL http://t.co/zpPZFHO5P5
13mreplyretweetfavorite
bmaz @BradMossEsq @AdamSerwer Well, you are a competent attorney, so, no, probably not.
15mreplyretweetfavorite
bmaz @quinnnorton @MonaHol No, on the whole, I think juries do MUCH better than many people think.
18mreplyretweetfavorite
bmaz @JeffreyToobin @fedcourts Nope. That hope appears to have vanished when more were not nominated and pushed previously.
23mreplyretweetfavorite
emptywheel @DanielLarison We have a lot of democracy to share.
23mreplyretweetfavorite
bmaz @quinnnorton @MonaHol I have done an awful lot of jury trials, and I think you are selling juries short as a whole. They work.
36mreplyretweetfavorite
emptywheel @DanaHoule On the second one, which is quite lovely.
42mreplyretweetfavorite
emptywheel Phone dragnet is most important thing ever. Unless Mitch McConnell might suffer embarrassment for his hubris. In which case it's "trivial"
45mreplyretweetfavorite
emptywheel Devin Nunes, of fight to continue the little-used but "important" phone dragnet: "really trivial" http://t.co/qwG5rYyIVV
47mreplyretweetfavorite
bmaz @quinnnorton @MonaHol The courtroom is a different place, I can understand the frustration though.
50mreplyretweetfavorite
JimWhiteGNV A little overcast this evening, but quite a nice view for next six days. http://t.co/8kIES8JqOq
53mreplyretweetfavorite
May 2015
S M T W T F S
« Apr    
 12
3456789
10111213141516
17181920212223
24252627282930
31