The Government Continues to Play Hide and Seek with Surveillance Authorities

Last year, I described the effort by the Reaz Qadir Khan’s lawyers to make the government list all the surveillance it had used to catch him (which, significantly, would either be targeted off a dead man or go back to the period during with the government used Stellar Wind). In October the government wrote a letter dodging most notice. Earlier this year, Judge Michael Mosman (who happens to also be a FISA judge) deferred the notice issues until late in the CIPA process. Earlier this month, Khan plead guilty to accessory to material support for terrorism after the fact.

Another defendant accused of material support, Jamshid Muhtorov, replicated that tactic, demanding notice of all the types of surveillance used against him (his co-defendant, Bakhtiyor Jumaev, joined the motion). The government responded to that motion yesterday.

A comparison of the two responses is instructive.

Part of what the government does in both is to rehearse the notice requirements of a particular statute, stating that in this case the evidence hasn’t met those terms. It does so, we can be certain, whether or not the surveillance has been used. That’s because the government addressed FISA Section 703 notice in the Khan case, and we know the government doesn’t use 703 by itself at all.

The responses the government made for both Section 215 request, in which the government said it has no duty to notice Section 215 and a defendant would not have standing nor would have a suppression remedy,

Screen Shot 2015-02-27 at 3.07.00 PM

And PRTT, in which the government listed 5 criteria, all of which must be met to require notice, were virtually identical.

Screen Shot 2015-02-27 at 3.08.35 PM

Which is why I’m interested that the government’s treatment of EO 12333 notice was different (in both cases, there’s good reason to believe EO 12333 surveillance was involved, though in the case of Khan, that would likely include the illegal dragnet).

With Khan, the government remained completely silent about the questions of EO 12333 collection.

Whereas with Muhtorov — who was likely included in the Internet metadata dragnet, but probably not in Stellar Wind — the government argues he would only get notice if Muhtorov could claim evidence used against him in a proceeding was obtained via allegedly illegal electronic surveillance.

Therefore, under circumstances where § 3504 applies, the government would be required to affirm or deny the occurrence of the surveillance only when a defendant makes a colorable claim that evidence is inadmissible because it was “the primary product of” or “obtained by the exploitation of” allegedly unlawful electronic surveillance as to which he is aggrieved.

Then it included a [sealed material redacted] notice.

Which seems tantamount to admission that EO 12333 data was used to identify Muhtorov, but that in some way his prosecution was did not arise from that data as a “primary product.”

Muhtorov was IDed in a chat room alleged to have ties to the Islamic Jihad Union, which I presume though don’t know is hosted overseas. So that may have  been EO 12333 surveillance. But it may be that his communications on it were collected via 702 using the Internet dragnet as an index.

Is the government arguing that using a dragnet the FISC declared to be in violation of FISC orders only as a Dewey Decimal system for other surveillance doesn’t really count?

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

American Hegemony: Delivering “Unpredictable Instability” the World Over

I love Global Threat Hearings and curse you Richard Burr for holding the Senate Intelligence Committee’s hearing in secret.

At least John McCain had the courage to invite James Clapper for what might have been (but weren’t) hard questions in public in front of Senate Armed Services Committee Thursday.

Clapper started with a comment that was not prominent in (though it definitely underscored) his written testimony (Update: Here’s the transcript of his as-delivered statement.)

Unpredictable instability is the new normal.The year 2014 saw the highest rate of political instability since 1992. The most deaths as a result of state-sponsored mass killings since the early 1990s. And the highest number of refugees and internally displaced persons (or IDPs) since World War II. Roughly half of the world’s currently stable countries are at some risk of instability over the next two years.

It’s a damning catalog. All the more so given that the US has been the world’s unquestioned hegemon since that period in the early 1990s when everything has been getting worse, since that period when the first President Bush promised a thousand points of light.

And while the US can’t be held responsible for all the instability in the world right now, it owns a lot of it: serial invasions in the Middle East and the coddling of Israel account for many of the refugees (though there’s no telling what would have happened with the hundred thousand killed and millions of refugees in Syria had the second President Bush not invaded Iraq, had he taken Bashar al-Assad up on an offer to partner against al Qaeda, had we managed the aftermath of the Arab Spring differently).

US-backed neoliberalism and austerity — and the underlying bank crisis that provided the excuse for it — has contributed to instability elsewhere, and probably underlies those countries that Clapper thinks might grow unstable in the next year.

We’re already seeing instability arising from climate change; the US owns some of the blame for that, and more for squandering its leadership role on foreign adventures rather than pushing a solution to that more urgent problem (Clapper, by the way, thinks climate change is a problem but unlike Obama doesn’t consider it the most serious one).

There are, obviously, a lot of other things going on. Clapper talked admiringly of China’s modernization of its military, driven by domestically developed programs, an obvious development when a country becomes the manufacturing powerhouse of the world. But China’s growing influence comes largely in the wake of, and in part because of, stupid choices the US has made.

There was, predictably, a lot of discussion about cyberthreats, even featuring Senate Intelligence Committee member Angus King arguing we need an offensive threat (we’ve got one — and have been launching pre-emptive strikes for 9 years now — as he would know if he paid attention to briefings or read the Intercept or the New York Times) to deter others from attacking us with cyberweapons.

Almost everyone at the hearing wanted to talk about Iran, without realizing that a peace deal with it would finally take a step towards more stability (until our allies the Saudis start getting belligerent as a result).

Still, even in spite of the fact that Clapper started with this inventory of instability, there seemed zero awareness of what a damning indictment that is for the world’s hegemon. Before we address all these other problems, shouldn’t we focus some analysis on why American hegemony went so badly wrong?

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

FBI Now Claiming Section 215 (Which Is Different Than the Phone Dragnet) Has a Big Role in Hacking Investigations

Admittedly, after its alarmism on encryption, one should always treat FBI claims about necessary tools skeptically. But I’m interested in the claim, made by FBI’s Assistant Director of its Cyber Division, that the Bureau relies on 215 for computer intrusion investigations.

The FBI’s cyber crime investigations would “obviously” suffer if Congress doesn’t reauthorize Section 215 of the Patriot Act, which allows the FBI to request business records from major companies.

“If that expires, obviously it’s going to impact what we do as an organization and certainly on cyber,” said Joseph Demarest, assistant director of the FBI’s Cyber Division, during a roundtable discussion with reporters Tuesday.

Congress must reauthorize the controversial portion of the law by June 1. Civil liberties advocates argue the 215 program is an invasion of privacy, granting the National Security Agency (NSA) blanket authority to spy on Americans.
But two leaders of the FBI’s digital crime unit said losing the program would reduce the bureau’s effectiveness.

The business records request program based on Section 215 allows the FBI to obtain customer records from places like major telecom companies without going through the public court system.

“We use that in working with, I’ll say major providers,” Demarest said. “And we’re looking at historical records.”

“Not having the ability to use that as a vehicle to obtain that information,” Demarest added, “that’s the problem we face.”

The FBI argues that the 215 program approach allows investigators to go after cyber crooks without tipping their hand to possible accomplices.

Let me interject and note that the reporting on this — and therefore presumably the questions asked at this little eat-the-journalists-for-lunch-event — was atrocious.

The guy in charge of hacking told a group of reporters they rely on Section 215 to investigate hacking. And several of those reporters then reported that he said they needed the phone dragnet.

If true, that would be huge news, because the phone dragnet has pretty tight controls limiting its use to terrorists and Iran. So if the NSA is now also using the phone dragnet to catch hackers, it means the government has blown up the definition of hackers even further than they obviously have.

But it’s unlikely that’s what Demarest meant, though that doesn’t mean his comment, if true, isn’t newsworthy for other reasons.

The reporters claiming the FBI uses the phone dragnet to catch hackers are — as far too many activist organizations do — probably conflating the phone dragnet, a program authorized by Section 215, with Section 215, which authorizes the collection of a lot more things — things like money transfers, explosives precursors, hotel records, probably credit card data, and Internet records – including in what you and I would call bulk, even if Bob Litt would not.

There were roughly 180 Section 215 orders last year. Only 5 of those orders supported the phone dragnet.

I’m guessing, but probably what Demarest was talking about is FBI’s (note, not NSA’s) reliance, since 2009, to collect records from Internet companies.  At least during 2011 and 2012, the majority of the Section 215 orders were for Internet records.

We can say a few things about this collection. First, FBI conducted the collection using NSLs until 2009, when publication of an OLC opinion limiting the interpretation of phone records covered by NSLs led the Internet companies to successfully challenge the use of NSLs to collect that data anymore. This collection obtains “electronic communication transaction records,” but for something other than the Internet equivalent of call time and participants (because that’s what the OLC opinion excluded).  These orders are probably fairly programmatic, because it can take 30 to 40 days to obtain a Section 215 order (meaning the FBI would run whatever collection on a set of standing orders, just like they do the phone dragnet). And these collections are probably substantive enough that FISC imposed minimization procedures on the collection.

And, we can now guess (assuming, of course, the FBI isn’t talking out of its arse again) that these collections support cyberinvestigations.

One reason this is important, however, is that it changes the stakes for reauthorization of Section 215. If the FBI considers this mission critical, it means activists should account for this collection when they consider the leverage they have in debates moving forward.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Markets as a Justification for Milton Friedman’s New Liberalism

I’ve put up several weedy posts explaining my view of the terms Market and Market Economy. In this post I pull back to see how this all fits in with neoliberalism. The basic idea of 19th Century liberalism was stated by Milton Friedman in this essay:

This development, which was a reaction against the authoritarian elements in the prior society, emphasized freedom as the ultimate goal and the individual as the ultimate entity in the society. It supported laissez faire at home as a means of reducing the role of the state in economic affairs and thereby avoiding interfering with the individual; it supported free trade abroad as a means of linking the nations of the world together peacefully and democratically. In political matters, it supported the development of representative government and of parliamentary institutions, reduction in the arbitrary power of the state, and protection of the civil freedoms of individuals

… Whereas 19th century liberalism emphasized freedom, 20th century liberalism tended to emphasize welfare. I would say welfare instead of freedom though the 20th century liberal would no doubt say welfare in addition to freedom. The 20th century liberal puts his reliance primarily upon the state rather than on private voluntary arrangements.

Friedman prefers 19th Century liberalism, or as he calls it “new liberalism”, which focuses on the freedom of capital, and the economic liberty of the rich. Friedman takes up the misery of the working class and the poor in 19th C. England, and the solutions of Bentham.

The relation between political and economic freedom is complex and by no means unilateral. In the early 19th century, Bentham and the Philosophical Radicals were inclined to regard political freedom as a means to economic freedom. Their view was that the masses were being hampered by the restrictions that were being imposed upon them, that if political reform gave the bulk of the people the vote, they would do what was good for them, which was to vote for laissez faire. In retrospect, it is hard to say that they were wrong. There was a large measure of political reform that was accompanied by economic reform in the direction of a great deal of laissez faire. And an enormous increase in the well-being of the masses followed this change in economic arrangements.

Perhaps this quote is unfair; this is just a short paper. However a quick review of the google on this issue shows absolutely nothing of the sort. Here’s a typical example of what Bentham thought of the Poor Laws of 1834. Since the greatest good would be produced by the lowest taxes, this author says Bentham supported cutting poor relief to the bone.

Nevertheless, this quote seems to capture a central difference between Friedman’s new liberalism, and 20th Century liberalism, characterized by a willingness to use government to solve problems and rejecting the use of “private voluntary agreements” as solutions. Given the takeover of the mainstream Democratic Party by a version of Friedman’s new liberalism, (maybe changing, huh Rahm?) the current version of that view is largely the province of progressives, by which I mean those who question the prevailing economic discourse of neoliberalism.

Friedman tells us that neoliberalism values freedom, which he says has two parts, economic and political freedom. He claims that economic freedom supports political freedom by establishing a counterweight to the strength of government.

It is important to emphasize that economic arrangements play a dual role in the promotion of a free society. On the one hand, “freedom” in economic arrangements is itself a component of freedom broadly understood, so “economic freedom” is an end in itself to a believer in freedom. In the second place, economic freedom is also an indispensable means toward the achievement of political freedom.

Nobody doubts that economic freedom benefits the rich. The harder problem for Friedman is to explain how economic freedom for the rich benefits the rest of us. At the same time, most of us can see that political freedom can be a tool to make our lives better. We benefit from a well-run government that provides a common infrastructure on which we can build our lives: physical infrastructure like water and sewer services, roads, bridges, and health services; intellectual infrastructure like schools and colleges, research and development, and record-keeping and statistics; and security, in the form of police, fire, EMTs and military. The harder part is to explain how these benefit the very rich, who think they are exempt from such mundane needs; at least, they don’t want to pay for them.

To explain how the 99% benefit from economic freedom, Friedman and his neoliberal colleagues say that the market benefits all of us by allowing us to maximize our personal individual utility in exchanges of various kinds. They claim that the market will always maximize the utility of the individual, and will do a fabulous job of allocating scarce resources. This argument rests on neoclassical economic analysis from the likes of William Stanley Jevons. I think that argument is facially wrong, in part for the reasons I discuss here. There are no competitive markets in the sense Jevons uses the term. The idea that individual benefit at each point in time is the correct measure of utility is silly. It ignores the free rider problem, the problem of the tragedy of the commons, and the simple fact that most of us value our friends and family and neighbors, and want them to have good lives too. I’ll discuss various measures of utility in another post, I hope.

Deeper than this, there is a conflict at the heart of Friedman’s analysis. He claims to favor political freedom, but he argues that it must not be used to infringe on economic freedom. For example, he says:

The citizen of the United States who is compelled by law to devote something like 10% of his income to the purchase of a particular kind of retirement contract, administered by the government, is being deprived of a corresponding part of his own personal freedom.

There isn’t any question that Social Security has worked well to provide minimal support for all of us and our families and the disabled. When Friedman says that it abridges freedom, he is asserting that the only interest of any person is their personal utility at a given moment, which is to pay no taxes. He ignores, as Jevons does not, the personal utility for me in providing for the future, and for taking care of other people today. He is saying that if you disagree with this assessment of utility, you are being damaged by being forced to participate in the system, and that’s a denial of freedom. It’s obviously not political freedom, because Social Security is a valid law. It must be a violation of economic freedom. Or maybe it doesn’t matter.

The essence of political freedom is the absence of coercion of one man by his fellow men. The fundamental danger to political freedom is the concentration of power. The existence of a large measure of power in the hands of a relatively few individuals enables them to use it to coerce their fellow man. Preservation of freedom requires either the elimination of power where that is possible, or its dispersal where it cannot be eliminated.

Again, I’m citing a short paper by Friedman, and perhaps he has a more sophisticated argument, but this is patently absurd. The whole point of government is mutual coercion of all of us not to do things that damage us or the things we share in common, like air and water and safety, and to do things together that we cannot do by ourselves in the exercise of our maximum economic freedom. Friedman is arguing that preventing people from dumping nasty chemicals into rivers from which we drink is an abridgment of personal freedom; and that letting our neighbors die poor and sick is fine as long as we don’t coerce anyone to do anything.

Perhaps the danger of concentrated wealth in the hands of a few thousand people wasn’t paramount in Friedman’s mind, and if he were writing today he might rethink the italicized sentence in that quote. But the plain fact is that one of the best parts of democracy is our ability to protect ourselves from the power of a few rich people. As examples, Elizabeth Warren, Chuy Garcia, and Net Neutrality. Doing so requires a new way of thinking about the economy, because this one isn’t working for anyone except the rich. The first step on that road is knocking down the existing framework of discourse about the economy. And that is the goal of this series of posts.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

NSA’s Dysfunctional Post-Tasking Checks

I noted this in both my working threads on the NSA, CIA and FBI minimization procedures, but it deserves more attention. Sometime in the last several years, the process by which NSA determines whether something they’ve collected is of a person in the US started going flukey, during certain periods. So now there’s a subset of data that analysts — at NSA, CIA, and FBI — all have to check for foreignness before they use it. That also means there is US person data that has been collected but not properly identified.

All three minimization procedures have a paragraph like this:

In the event that NSA seeks to use any information acquired pursuant to section 702 during a time period when there is uncertainty about the location of the target of the acquisition because the [redacted] post-tasking checks described in NSA’s section 702 targeting procedures, NSA will follow its internal procedures for determining whether such information may be used (including, but not limited to, in FISA applications, section 702 targeting, and disseminations). Except as necessary to assess location under this provision, NSA may not use or disclose any information acquired pursuant to section 702 during such time period unless NSA determines, based on the totality of the circumstances, that the target is reasonably believed to have been located outside the United States at the time the information was acquired. If the NSA determines that the target is reasonably believed to have been located inside the United States at the time the information was acquired, such information will not be used and will be promptly destroyed.

Both the fact that this section appears in the Destruction of Raw Data section in NSA’s SMPs (and not the section dedicated to challenges with upstream collection), and the fact that it appears in both the CIA and FBI SMPs (suggesting this is data they’d be getting in raw format, which they don’t get from upstream collection), suggest that this is general 702 data, not upstream data, where NSA has been known to have had a problem in the past.

The fact that the same paragraph, almost verbatim, shows up in all three places, plus the language about using such data for FISA applications, suggests this language came from or is in the SMPs to keep the FISA Court happy. Indeed, there’s probably a nice FISC opinion that explains how FISC learned that NSA’s targeting process was flawed.

We know this problem was identified sometime between October 2011 and July 2014 because this language doesn’t show up in the 2011 NSA SMPs. There are few things that are identifiable in the Intelligence Oversight Board reports that could be a dysfunction that would merit a FISC order, though there are a number — such as these two redacted paragraphs on Systems Errors in the middle of the FISA section of the Q1 2013 (which covers the last three months of 2012) report that might be such a problem.

Screen Shot 2015-02-25 at 8.56.26 AM

Or perhaps the problem is even more recent, meaning it would have been reported in the 2 years of IOB reports we don’t have.

To be sure, it appears FISC has required that all agencies accessing raw data do the kind of location checks that the failed system would otherwise have done. So US person data won’t be used, it’ll just sit in NSA’s (or CIA or FBI’s) servers until it is discovered.

But this is one of a number of examples we see in the IOB reports (the purge process, which was also not working for a while, is another; that seems to have been or is being fixed with the Master Purge List that appears in these SMPs) where the software checks designed to protect Americans failed. That doesn’t indicate any animus or ill-intent. But it does suggest the complexity of this system continues to result in failures that — regardless of intent — also present a privacy risk.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Insanity Continues to Build Around Prospect of Iran Nuclear Pact

From the nature of the political feeding frenzy surrounding the ongoing P5+1 negotiations with Iran on Iran’s nuclear technology, it is hard to believe that the Joint Plan of Action under which the countries are now operating was extended last November through the end of June of this year. At the time of that extension, the US announced a goal of having the political framework of the final agreement worked out by March 1. That date has now slipped to March 31, but current negotiations are still aimed at getting the political framework in place before the final details get ironed out. But with Benjamin Netanyahu making a speech to a Joint Session of Congress next week and other assorted madness, one would think that we are in the last few hours of the negotiating window.

Of course, one of the groups most upset by the possible outcome of removing the US sanctions against Iran is the MEK. Their latest tantrum, yesterday, in which they tried to claim that they had discovered a new, secret uranium enrichment site, was mostly ignored by the world. Jeffrey Lewis was quick to dismiss the accusation.

I had noted yesterday that Dianne Feinstein and Richard Durbin had tried to give Netanyahu some bipartisany-ness during his visit by inviting him to a closed-door meeting with Senate Democrats, but Netanyahu declined the invitation, inexplicably claiming that meeting would lend a partisan nature to his nonpartisan appearance before Congress. Bibi also got slapped down, though, as his bid to get several Arab ambassadors to show up for his speech has been rejected outright.

Just as the US military hates to see peace break out somewhere where they could otherwise be arming and training freedom fighters, Iran’s military seems especially upset by the prospect of a deal with the West. The IRGC is so upset about what is going on that today they broke one of their biggest toys in a fit of rage. Just under a year ago, word came out that Iran was building a replica of a Nimitz-class US aircraft carrier:

Intelligence analysts studying satellite photos of Iranian military installations first noticed the vessel rising from the Gachin shipyard, near Bandar Abbas on the Persian Gulf, last summer. The ship has the same distinctive shape and style of the Navy’s Nimitz-class carriers, as well as the Nimitz’s number 68 neatly painted in white near the bow. Mock aircraft can be seen on the flight deck.

The Iranian mock-up, which American officials described as more like a barge than a warship, has no nuclear propulsion system and is only about two-thirds the length of a typical 1,100-foot-long Navy carrier. Intelligence officials do not believe that Iran is capable of building an actual aircraft carrier.

/snip/

Navy and other American intelligence analysts surmise that the vessel, which Fifth Fleet wags have nicknamed the Target Barge, is something that Iran could tow to sea, anchor and blow up — while filming the whole thing to make a propaganda point, if, say, the talks with the Western powers over Iran’s nuclear program go south.

Marcy had a bit of fun with the barge at the time, comparing it to our F-35 program.

But now, instead of waiting for the P5+1 talks to “go south”, the IRGC has chosen to destroy their target barge in war games that were launched today. And, just as predicted a year ago, the destruction of the barge was televised. From AP via the Washington Post:

State TV showed footage of missiles fired from the coast and the fast boats striking the mock U.S. aircraft carrier. The drills, which also included shooting down a drone and planting undersea mines, were the first to involve a replica of a U.S. carrier.

“American aircraft carriers are very big ammunition depots housing a lot of missiles, rockets, torpedoes and everything else,” the Guard’s navy chief, Adm. Ali Fadavi, said on state TV, adding that a direct hit by a missile could set off a large secondary explosion. Last month Fadavi said his force is capable of sinking American aircraft carriers in the event of war.

Here is a PressTV segment on the war games, complete with some footage of torpedoes hitting the barge:

Additional footage with more direct hits on the barge can be seen in this PressTV story.

The US Navy has now been sternly warned not to tow any barges into the Strait of Hormuz.

Meanwhile, more negotiations are scheduled for Monday.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

FBI Now Holding Up Michael Horowitz’ Investigation into the DEA

Man, at some point Congress is going to have to declare the FBI legally contemptuous and throw them in jail.

They continue to refuse to cooperate with DOJ’s Inspector General, as they have been for basically 5 years. But in Michael Horowitz’ latest complaint to Congress, he adds a new spin: FBI is not only obstructing his investigation of the FBI’s management impaired surveillance, now FBI is obstructing his investigation of DEA’s management impaired surveillance.

I first reported on DOJ IG’s investigation into DEA’s dragnet databases last April. At that point, the only dragnet we knew about was Hemisphere, which DEA uses to obtain years of phone records as well as location data and other details, before it them parallel constructs that data out of a defendant’s reach.

But since then, we’ve learned of what the government claims to be another database — that used to identify Shantia Hassanshahi in an Iranian sanctions case. After some delay, the government revealed that this was another dragnet, including just international calls. It claims that this database was suspended in September 2013 (around the time Hemisphere became public) and that it is no longer obtaining bulk records for it.

According to the latest installment of Michael Horowitz’ complaints about FBI obstruction, he tried to obtain records on the DEA databases on November 20, 2014 (of note, during the period when the government was still refusing to tell even Judge Rudolph Contreras what the database implicating Hassanshahi was). FBI slow-walked production, but promised to provide everything to Horowitz by February 13, 2015. FBI has decided it has to keep reviewing the emails in question to see if there is grand jury, Title III electronic surveillance, and Fair Credit Reporting Act materials, which are the same categories of stuff FBI has refused in the past. So Horowitz is pointing to the language tied to DOJ’s appropriations for FY 2015 which (basically) defunded FBI obstruction.

Only FBI continues to obstruct.

There’s one more question about this. As noted, this investigation is supposed to be about DEA’s databases. We’ve already seen that FBI uses Hemisphere (when I asked FBI for comment in advance of this February 4, 2014 article on FBI obstinance, Hemisphere was the one thing they refused all comment on). And obviously, FBI access another DEA database to go after Hassanshahi.

So that may be the only reason why Horowitz needs the FBI’s cooperation to investigate the DEA’s dragnets.

Plus, assuming FBI is parallel constructing these dragnets just like DEA is, I can understand why they’d want to withhold grand jury information, which would make that clear.

Still, I can’t help but wonder — as I have in the past — whether these dragnets are all connected, a constantly moving shell game.

That might explain why FBI is so intent on obstructing Horowitz again.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Bibi Lied to UN in 2012, Likely to Lie to US Next Week

Look carefully. Are his lips moving?

Look carefully. Are his lips moving?

Benjamin Netanyahu overstated Iran’s nuclear technology in 2012 when he used his bomb cartoon in an address to the United Nations. The Guardian and Al Jazeera have released a trove of documents relating to Iran’s nuclear program and one of the key documents was prepared by Mossad to brief South Africa just a few short weeks after the famous speech. From The Guardian:

Binyamin Netanyahu’s dramatic declaration to world leaders in 2012 that Iran was about a year away from making a nuclear bomb was contradicted by his own secret service, according to a top-secret Mossad document.

/snip/

Brandishing a cartoon of a bomb with a red line to illustrate his point, the Israeli prime minister warned the UN in New York that Iran would be able to build nuclear weapons the following year and called for action to halt the process.

But in a secret report shared with South Africa a few weeks later, Israel’s intelligence agency concluded that Iran was “not performing the activity necessary to produce weapons”. The report highlights the gulf between the public claims and rhetoric of top Israeli politicians and the assessments of Israel’s military and intelligence establishment.

As The Guardian notes, although Bibi’s darling little cartoon makes little to no distinction between the steps of enriching uranium to 20% and enriching it to the 90%+ needed for a bomb, the Mossad document (pdf) states that Iran “is not ready” to enrich to the higher levels needed for a bomb:

enrichment

Despite that clear information that Mossad surely already had at the time of the UN speech (h/t Andrew Fishman for the link), Netanyahu chose to portray Iran as ready to zip through the final stage of enrichment:

Now they’re well into the second stage. And by next spring, at most by next summer, at current enrichment rates, they will have finished the medium enrichment and move on to the final stage. From there, it’s only a few months, possibly a few weeks, before they get enough enriched uranium for the first bomb.

So Netanyahu described a step that the Mossad described Iran as not even ready to start and turned it into something Iran was eager to accomplish in a few weeks. Simply put, that is a lie.

Of further note in the document is information relating to the heavy water reactor under construction at Arak. Although it doesn’t appear that Netanyahu mentioned it in the UN speech, it often is portrayed as another rapid route to a nuclear weapon for Iran, because, when finally functioning, it could produce plutonium that could be used in a bomb. Mossad found, however, that Iran was still a couple of years away from having the reactor functioning. Further, Mossad realized that Iran needs a fuel reprocessing facility (that it does not have) in order to use the plutonium in a bomb:

Arak

It should also be noted that those two years have elapsed and the reactor still has not been powered up. Further, there are proposals that the reactor can be modified to make it produce a dramatically lower amount of plutonium.

These documents have been released with very important timing. As I noted last week, Netanyahu aims to destroy the P5+1 negotiations with Iran. By pointing out his lies two years ago, we should be in a better position to see through whatever obfuscation he delivers next week. But with a new air of bipartisany-ness, to his visit, don’t look for Washington politicians to be the ones to point out his next round of lies.

Postscript: I am significantly behind on my homework. I owe Marcy a careful reading of the technical documents from the Sterling trial and need to follow up more fully on the suggestions that false documents (including the Laptop of Death?) were planted with Iran for the IAEA to discover. Now with this new trove of documents and the looming date of Netanyahu’s visit, I need to get busy (on something other than planting blueberries)!

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Does the FBI STILL Have an Identity Crisis?

I’ve finished up my working threads on the NSA, CIA, and FBI Section 702 minimization procedures. And they suggest that FBI has an identity crisis. Or rather, an inability to describe what it means by “identification of a US person” in unclassified form.

Both the NSA and CIA minimization procedures have some form of this definitional paragraph (this one is NSA’s):

Identification of a United States person means (1) the name, unique title, or address of a United States person; or (2) other personal identifiers of a United States person when appearing in the context of activities conducted by that person or activities conducted by others that are related to that person. A reference to a product by brand name, or manufacturer’s name or the use of a name in a descriptive sense, e.g., “Monroe Doctrine,” is not an identification of a United States person.

Even though the FBI minimization procedures have a (briefer than NSA and CIA’s) definitional section and gets into when someone counts as US person from a geographical standpoint, it doesn’t have the equivalent paragraph on what they consider US person identifying information, which is central to minimization procedures.

Now, I might assume that this is just an oversight, something FBI forgot to incorporate as it was writing its own 702 minimization procedures incorporating what NSA has done.

Except that we know the FBI has suffered from this same kind of identity crisis in the past, in an analogous situation. As Glenn Fine described in the 2008 Inspector General Report on Section 215 (the one the successor for which has been stalled for declassification review for over 6 months), the FBI never got around to (and almost certainly still hasn’t gotten around to, except under modifications from the FISA Court) complying with Section 215′s requirement that it adopt minimization procedures specific to Section 215.

One holdup was disagreement over what constituted US person identifying information.

Unresolved issues included the time period for retention of information, definitional issues of “U.S. person identifying information,” and whether to include procedures for addressing material received in response to, but beyond the scope of, the FISA Court order; uploading information into FBI databases; and handling large or sensitive data collections.

(Note, there’s very good reason to believe FBI is still having all these problems, not least because several of them showed up in Michael Horowitz’ NSL IG Report last year.)

One problem Fine pointed out is that the AG Guidelines adopted in lieu of real minimization procedures don’t provide any guidance on when US identifying information is necessary to share.

When we asked how an agent would determine, for example, whether the disclosure of U.S. person identifying information is necessary to understand foreign intelligence or assess its importance, the FBI General Counsel stated that the determination must be made on a case-by-case basis.

While NSA’s 702 SMPs do lay out cases when FBI can and cannot share US person identifying information (those are, in some ways, less permissive than CIA’s sharing guidelines, if you ignore the entire criminal application and FBI’s passive voice when it comes to handling “sensitive” collections), if the guidelines for what counts as PII are not clear — or if they’re expansive enough to exempt (for example) Internet handles such as “emptywheel” that would clearly count as PII under NSA and CIA’s SMPs, then it would mean far more information on Americans can be shared in unminimized form.

And remember, FBI’s sharing rules are already far more lenient than NSA’s, especially with regards to sharing with state, local, and other law enforcement partners.

Call me crazy. But given the FBI’s past problems defining precisely this thing, I suspect they’re still refusing to do so.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Working Thread: 702 Minimization Procedures (NSA and CIA)

NSA

These SMPs have not changed significantly since they were changed in the wake of the 2011 upstream ruling. The exceptions are:

(1) “of information, including non-publicly available information” was added to the first paragraph. This may suggest NSA is also using publicly available information (which you would think they would anyway, if only to integrate public Twitter and other social media) in their analysis.

(1) The third paragraph (which has a counterpart in FBI SMPs) is new. I wonder whether there have been IG access problems in the past, notably when both FBI and NSA did big 702 IG Reports in 2012?

(2) (f) I’ve added this to the FBI SMPs. But NSA and CIA SMPs, unlike FBI ones, include this language defining what identification means. FBI has been dodging this on other issues as well in recent years (including the illusory 215 SMPs), so I suspect its lack of such language suggests FBI’s interpreting it very narrowly.

(2) (j) Some of these paragraphs now marked unclassified, such as this one, were marked S/SI in 2011. That you Snowden.

(3) (k)(3) This changes an automatic loss of USP rights if someone loses their resident alien status from the 2011 SMPs.

(3) (b)(1) In 2011, this paragraph specified “in processing cycle” in the earliest practicable point, suggesting it may have gotten moved later.

(4) This takes out a paragraph (formerly paragraph 3) on retaining storage tapes.

(4) (1)(a) The “including metadata” language is newly unredacted, as another reference to obtaining metadata from upstream collection also is.

(5) Through these SMPs, including at (b)(1), add language about how to deal with upstream transactions, permitting the use of them if they’re targeted and aren’t all USPs.

(6) Paragraph 4 is the other newly unredacted discussion of metadata use.

(7-8) The destruction paragraphs 3 and 4 are both entirely new. The 2011 stuff seems to reflect a decision at the end of 2011 to destroy its upstream USP transactions. The litigation paragraph reflects some other language elsewhere.

(8) Paragraph e has counterparts in the FBI and CIA SMPs, suggesting there was a significant problem with location tracking. Unless I’m mistaken, that doesn’t show up in IOB reports (as, for example, the purge tool does).

(9) There are more strictures in place for deciding to keep domestic communications.

(10) The last (unnumbered) paragraph on the page adds the ability to share target location.

(11) Note the reference to the Master Purge List, which was a big issue in recent years (because it wasn’t functioning the way it was supposed to).


CIA

(1-2) CIA has better repository language than FBI.

(2) Note NCS Director gets to decide to retain things longer than 5 years (though I would assume this would change if Brennan gets his Cyber expansion).

(2) CIA gets to keep unminimized USP data if they “may be a target of intelligence activities of a foreign power.”

(2) As with NSA (though their language is different), the CIA gets to keep USP data if “a United States person has engaged or may be engaging in the unauthorized disclosure of properly classified national security information.” Surely the FBI gets to keep this too, they just describe it differently.

(2) I do believe this USP retention is unique to CIA:

The information concerns corporations or other commercial organizations the deletion of which would hamper the correlation of foreign intelligence information on the same subject;

(3) Amid a slew of USP retention clauses (including one for people who pose a threat of sabotage to any US IC facility, which is problematic), there’s entirely redacted h. My guess is this is about people who facilitate terrorism but who aren’t terrorists (or perhaps who read stuff that is bad).

(3) As with FBI, the metadata paragraph (4a) is fairly broad, and permits copying of all such metadata.

(4) As with FBI, there’s this oblique paragraph (4b) that doesn’t require tracking of queries that don’t get to the underlying FISA data.

(4) CIA, unlike FBI and NSA, explicitly limits the technical database to technical personnel.

(5) CIA has a paragraph like FBI and NSA permitting them to keep data for a year to assess whether they’ve been compromised.

(5) CIA’s Attorney Client paragraph is similar to what FBI’s used to be.

(6) It’s odd that CIA has a long passage on federal translators or technical assistance, whereas NSA has its international one. I’d expect CIA to rely on other governments too (though it does have a foreign govt dissemination section too, of similar length).

(6) Unsurprisingly, CIA has multiple ways to share with foreign governments, all but translation redacted.

(9) Bizarrely, an entire big paragraph is redacted to end the SMPs. It probably deals with USP (or domestically collected) data, by context, but that’s a WAG.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Emptywheel Twitterverse

JimWhiteGNV #TBT 1998: Bethany hanging out in my ladybug lab. http://t.co/xEGEy5W3kH
14mreplyretweetfavorite
JimWhiteGNV RT @BBCWorld: Liberia goes one week without reporting any new cases of #Ebola for first time since May 2014 http://t.co/oEByCGQfsR http://t…
33mreplyretweetfavorite
emptywheel @thegrugq Agree. But also, calls with Merkel (which include MoCs, presumably) one of few things that concerns MoCs.
2hreplyretweetfavorite
emptywheel @drfarls If you wait just a few days Fat Al Gore will melt it all for you, w/potentially exciting results.
2hreplyretweetfavorite
emptywheel @NoahShachtman Also the concept of sending "Young Christian men" to help.
2hreplyretweetfavorite
emptywheel @NoahShachtman Especially appreciate the retired General saying there's no reason the govt needs a "monopoly" on this stuff.
2hreplyretweetfavorite
bmaz @nitpicker777 @the_intercept @ggreenwald What he wants is ability to argue a justification defense for whistleblowing; diff than nullifcatin
2hreplyretweetfavorite
emptywheel So it's March: In like a polar bear, out like a soggy penguin this year?
2hreplyretweetfavorite
bmaz RT @the_intercept: The "Snowden is ready to come home" story is a case study in media deceit, writes @ggreenwald. http://t.co/Fxo1RKgM4U ht…
5hreplyretweetfavorite
bmaz @armandodkos @MarcACaputo Shockingly little general focus on Chevron though. I am stunned.
5hreplyretweetfavorite
emptywheel @astepanovich Sharknado was an instant classic too you know. (And no, I'm not watching.)
11hreplyretweetfavorite
emptywheel @CUEwindsearch No. You sign NDAs when you work w/govt. Snowden did. That's why he's being prosecuted. @korch
11hreplyretweetfavorite
March 2015
S M T W T F S
« Feb    
1234567
891011121314
15161718192021
22232425262728
293031