May 1, 2024 / by 

 

In 2010, the Government Tried to Use Section 702 against US Persons

I’m working my way through the FISA-related documents released last week. And I wanted to point out something that happened around October 2010: the NSA tried to turn 702 into a domestic surveillance program.

First, some background. Before 2011, it appears the government got 702 certificates approved every six months. Also, because the initial certificates were approved a month apart (in part because the initial PAA certificates were also approved a month apart for some really interesting reasons), the government submitted two sets of documents. That’s what explains the nearly identical pairs of documents released last week (Documents 11 and 5 approve 2009 certs, and Documents 4 and 2 approve 2010 certs).

Sometime in late summer to fall 2010, the government submitted a pretty dramatically altered request (see Document 16). [Update: This targeting certificate from 2010 was submitted on July 16, though that feels like odd timing and none of the targets are described as including US persons.]

As part of that, the government defined one of the targets to include US persons (albeit ones apparently located overseas).

Moreover, the government has defined the term [redacted] to include US persons, which raises the question whether permitting the intentional acquisition of communications of US persons reasonably believed to be located outside the United States is consistent with the requirements of 50 U.S.C. § 1881a(b)(3).

In addition, the government requested to keep and disseminate any US person or domestic data it found “to the extent reasonably necessary to counter any imminent threat to human life or the national security that is related to the target.”

Another significant change to the minimization procedures relates to the provisions that allow NSA to retain, process, and disseminate any communication acquired while a target of 702 collection was inside the United States or after a target has been determined to be a United States person, “to the extent reasonably necessary to counter any imminent threat to human life or the national security that is related to the target, including obtaining authorization against the target pursuant to another section of the Act.” NSA Minimization Procedures at 7-10.

Whereas later minimization procedures have language about protecting against imminent threats (defined broadly to include property), this request included vague “threat to national security” language.

Finally, John Bates implied that the submission implicated some prior court decision(s), including one by the FISCR.

Remarkably, these prior decisions (as well as the name of the target that includes US persons) were redacted with the b(7)E law enforcement technique exemption, not the b(1) or b(3) that covers most of the other redactions in these memos. I can’t recall any other b(7)E redaction in all the FISA orders I’ve read.

Also note that in 2010 there were only two known FISCR opinions: the one tearing down the wall in 2002 and the one authorizing PRISM in 2008. This may be an as yet unidentified FISCR opinion.

By all appearances, in fall of 2010, the government tried to get approval to use 702 against US persons.

In response to this request, Bates basically said, “submit a legal justification.”

To date, the government has not provided the Court with an adequate legal basis upon which to undertake this review and make the required findings. Therefore, and in accordance with Rule 10(a)(ii) of the Foreign Intelligence Surveillance Court Rules of Procedure, the Court hereby ORDERS the government to file a written memorandum of law that addresses the legal issues identified in this Briefing Order and any others that have not previously been presented to the Court.

Document 4 and Document 2 reveal that the government submitted that memorandum. But after the court saw it and discussed it, the government basically said, “um, never mind.”

The government timely filed its Memorandum of Law on [redacted] 2010.

The Court then discussed the issues presented with representatives of the government on [redacted] 2010, at which time the Court identified certain concerns regarding the government’s submissions. On [redacted], 2010, the Attorney General and the DNI executed two amendments regarding the [redacted] Submission, which were filed with the Court as part of the [redacted] Submission. These amendments have the effect of reverting to the use of targeting and minimization procedures previously approved by the Court in the context of prior certifications.

Just to make sure the government got the message, Bates emphasized that his 2010 approvals were limited to non-US persons outside of the US.

Like the acquisitions approved by the Court in all of the Prior 702 Dockets, acquisitions under are limited to “the targeting of non-United States persons reasonably believed to be located outside the United States.”

This all had to have happened after July 2010 (because the approvals cite Bates’ July 2010 opinion restarting the PRTT dragnet). But the approvals almost certainly happened in November, because the government submitted its reauthorization applications on April 20 and 22 the following year and they were still doing reauthorizations every six months with applications submitted a month in advance.

So in 2010, the government asked to use 702 to spy on Americans, Bates called them on it, and they backed down.

Sort of. On May 2, the government confessed for the first time that it had been collecting US person data all along.


Dan Coats Just Confirmed He Signed the Section 702 Certificate without Even Reading the Accompanying Memo

Today, the Senate Intelligence Committee had a hearing on Section 702 of FISA. It basically went something like this:

It’s okay that we have a massive dragnet because the men running it are very honorable and diligent.

The men running the dragnet refuse to answer a series of straight questions, and when they do, they’re either wrong or deeply dishonest.

I’ll lay that out in more detail later.

But the most important example is an exchange between Ron Wyden and Dan Coats that will reverberate like Clapper’s now famous answer to Wyden that they don’t “wittingly” collect on millions of Americans. It went like this:

Wyden: Can the government use FISA 702 to collect communications it knows are entirely domestic?

Coats: Not to my knowledge. It would be against the law.

Coats’ knowledge should necessarily extend at least as far as Rosemary Collyer’s opinion reauthorizing the dragnet that Coats oversees, which was, after all, the topic of the hearing. And that opinion makes it quite clear that even under the new more limited regime, the NSA can collect entirely domestic communications.

Indeed, the passage makes clear that that example was presented in the memo tied to the certification about Section 702 that Coats signed (but did not release publicly). Effectively, Dan Coats signed a certificate on March 30 stating that this collection was alright.

I’m not sure what this example refers to. Collyer claims it has to do with MCTs, though like Dan Coats, she didn’t seem to understand the program she approved. There are multiple ways I know of where entirely domestic communications may be collected under 702, which I’ll write about in the near future.

In any case, if Dan Coats was being truthful in response to Wyden’s question, then he, at the same time, admitted that he certified a program without even reading the accompanying memorandum, and certainly without understanding the privacy problems with the program as constituted.

He either lied to Wyden. Or admitted that the current 702 certification was signed by someone who didn’t understand what he was attesting to.

Update: I did a version of this (including comment on Mike Rogers’ testimony) for Motherboard. It includes this explanation for Coats’ comment.

Section 702(b)(4) plainly states we ‘may not intentionally acquire any communication as to which the sender and all intended recipients are known at the time of acquisition to be located in the United States.’ The DNI interpreted Senator Wyden’s question to ask about this provision and answered accordingly.


Processing versus Handling in Section 702

I’m working through some weedy NSA stuff, and wanted to “handle” a discrete point about a change in NSA’s Section 702 minimization procedures dating to 2012.

Earlier this year, the government provided ACLU with the full Section 702 order from 2012, though ACLU re-released it last week with a bunch of other things (and the opinion makes more sense in conjunction with these releases). Previously, the government had just released the 9 pages of the opinion pertaining to John Bates’ satisfaction that the NSA had properly dealt with all the domestic upstream transactions it had acquired prior to October 31, 2011. The newly unredacted material in the version of the opinion released this year includes details about changes to the 702 minimization procedures in 2012, as well as language describing five pages from a November 2011 opinion resolving the upstream surveillance.

NSA starts formally distinguishing between “processing” and “handling” data (without defining the latter in minimization procedures)

One change the government made in 2012 was to distinguish in minimization procedures between data it “processed” and data it “handled.”

“Processing” versus “handling” information. In a number of places in the amended NSA minimization procedures, the government has replaced the term “processed” with the word “handled.” See Amended NSA Minimization Procedures at 9 (§ 5(1)) & 12 (§§ 6(c)(1) & 6(c)(2)). Both the previously-approved NSA minimization procedures and the amended procedures define the terms “processed” or “processing” to mean “any step necessary to convert a communication into an intelligible form intended for human inspection.” Id. at 2 (§ 2(h)). The previously-approved procedures did not uniformly use the terms in a manner consistent with that narrow definition. This clarifying change remedies that inconsistency by using the distinct term “handled” or “handling” to refer to the treatment of communications after they have been rendered intelligible for human inspection. This non-substantive change reduces the potential for confusion and mistake and raises no issue under Section 1801(h).

Now, we can’t see exactly what this change looks like, because we only have the 2011 and 2014 minimization procedures, not the 2012 that implemented this change. In 2011 the minimization procedures mentioned “processing” data 18 times (including the definition) and “handling” it just three times (neither of these minimization procedures defines “handling”). By the 2014 minimization procedures, “process” is mentioned just four times (including the two definitional references), and “handl[e]” is mentioned 18 times. As I’ll lay out below, the word processing came to be used exclusively for data manipulation for which the NSA would want plausible deniability regarding the status of US person communications. So I wanted to track all the changes and retentions of the two terms.

Three changes are made immediately

The 2012 and 2013 minimization procedures may have made some interim changes. As noted, the opinion cites just three passages of what would become the 2012 minimization procedures where the language changed.

The first, at page 9, §5(1) in the 2014 minimization procedures, is part of the language changed in 2012 to allow NSA to keep and play with domestic communications that have significant foreign intelligence value, as opposed to just handing them on to FBI. [my emphases, using bold for things changed to “handle” and italics for things that remain “process” throughout]

such domestic communication is reasonably believed to contain significant foreign intelligence information. Such domestic communication (and, if applicable, the transaction in which it is contained) may be retained, handled, and disseminated in accordance with these procedures;

And on page 13 at §§ 6(c)(1) & 6(c)(2), which permit the sharing of information with CIA and FBI.

(1) (U) NSA may provide to the Central Intelligence Agency (CIA) unminimized communications acquired pursuant to section 702 of the Act. CIA will identify to NSA targets for which NSA may provide unminimized communications to CIA. CIA will handle any such unminimized communications received from NSA in accordance with CIA minimization procedures adopted by the Attorney General, in consultation with the Director of National Intelligence, pursuant to subsection 702(e) of the Act.

(2) (U) NSA may provide to the FBI unminimized communications acquired pursuant to section 702 of the Act. The FBI will identify to NSA targets for which NSA may provide unminimized communications to the FBI. The FBI will handle any such unminimized communications received from NSA in accordance with FBI minimization procedures adopted by the Attorney General, in consultation with the Director of National Intelligence, pursuant to subsection 702(e) of the Act.

Handle got introduced in the discussion of transactions

But, as noted above, either the NSA made the “process” to “handle” change in far more places in 2012 than noted in the opinion or it continued to change things from “process” to “handle” between 2012 and 2014.

To begin with, in 2011 there were already three uses of the word “handle.” Those were all in the discussion on how to deal with upstream transactions, and so would have been new in 2011.

On page 4, §3(b)(5)(a)(1)(b), which discusses how the NSA should treat multiple communication transactions (MCTs) that have been reviewed and moved into more generally accessible repositories.

Any information moved or copied from the segregated repository into repositories more generally accessible to NSA analysts will be processed in accordance with subsection 3(b)(5)(b) below and handled in accordance the other applicable provisions of these procedures.

On page 5, §3(b)(5)(a)(2), which discusses upstream communications that are not segregated as MCTs most likely to include US person transactions.

Internet transactions that are not identified and segregated pursuant to subsection 3(b)(5)a. will be processed in accordance with subsection 3(b)(5)(b) below and handled in accordance with the other applicable provisions of these procedures.

And on page 5, §3(b)(5)(b)(2)(a), which explains that if an analyst wants to use a communication within a transaction that involves the actual selector that identified the communication, the analyst can treat US person information as it would normally (that is, as incidental communication).

If the discrete communication is to, from, or about a tasked selector, any U.S. person information in that communication will be handled in accordance with the applicable provisions of these procedures.

The transition from “process” to “handle” may have happened in interim minimization procedures

So the minimization procedures started to move to “handle” in 2011, at least three more instances did so in 2012, but by the 2014 minimization procedures, “process” is retained just four times (including the two definitional references). The two remaining non-definitional uses of processing are page 4, §3(b)(4)(a)(1), which effectively permits an exception to the segregation rules on upstream MCTs in order to render upstream collection intelligible to analysts.

Notwithstanding subsection 3(b)(4)a. above, NSA may process Internet transactions acquired through NSA upstream collection techniques in order to render such transactions intelligible to analysts.

In 2011, this was the introduction of the following clause, though it defined processing as “(e.g., decryption, translation).”

And page 14 §8(b), which permits NSA to share information with foreign governments for technical and linguistic assistance.

It is anticipated that NSA may obtain information or communications that, because of their technical or linguistic content, may require further analysis by foreign governments to assist NSA in determining their meaning or significance. Notwithstanding other provisions of these minimization procedures, NSA may disseminate computer disks, tape recordings, transcripts, or other information or items containing unminimized information or communications acquired pursuant to section 702 to foreign governments for further processing and analysis, under the following restrictions with respect to any materials so disseminated:

The other mentions of processing that get lost between 2011 and 2014 are §3(b)(1), which takes out a reference to the “processing cycle.” §3(b)(3) provides explicit permission to process magnetic tapes or other storage media.

Finally, one use of “process” got dropped at §3(b)(4). In 2011, the passage stated that only domestic transactions that fit the retention exception may be “processed,” a meaning that would now be expressed as “handled.” But the 2011 clause still permitted other transactions to be “retained or disseminated,” according to the procedures.

2011:

As a communication is reviewed, NSA analyst(s) will determine whether it is a domestic or foreign communication to, from, or about a target and is reasonably believed to contain foreign intelligence information or evidence of a crime. Only such communications may be processed. All other communications may be retained or disseminated only in accordance with Sections 5, 6, and 8 of these procedures.

2014:

As a communication is reviewed, NSA analyst(s) will determine whether it is a domestic or foreign communication to, from, or about a target and is reasonably believed to contain foreign intelligence information or evidence of a crime for purposes of assessing how the communication should be handled in accordance with these procedures.


Annual FISC Report Suggests the Court Did Not Approve ANY Section 702 Certificate in 2016

The Administrative Office of the Courts just released the FISC annual report, the first full year report issued after USA Freedom Act.

I’ll work on more analysis in a moment, but wanted to point to something that is fairly remarkable, if I’m reading the report correctly.

Here’s the top line report for the year. Note, in particular, the 1881a line.

As last year’s report did, this year’s redacts the number of certificates the government applied for. But then the footnote reads, in part,

The government submitted this number of certification(s) during calendar year 2016 but the Court did not take action on any such certification(s) within the calendar year.

That, plus the “0”s in the table, seems to state clearly that the FISC did not approve last year’s Section 702 application.

What that likely means, given the precedent set in 2011, is that the government submitted applications (usually they do this with a month of lead time), but the court would not approve the applications as submitted. In 2011, the government got a series of extensions, so 702 never lapsed. The prior approval before last year was November 6, 2015, so it would only have had to have been extended 2 months to get into this year. So that seems to suggest there was at least a three month (application time plus extension) delay in approving the certifications for this year.

Note, too, that the report shows the only amicus appointed last year was Marc Zwillinger for a known PRTT application, so this hold up wasn’t even related to an amicus complaint.

In any case, this may reflect significant issues with 702.

Update: Here’s the 2011 702 opinion, which documents the last known time this happened (though there must have been a roughly month-long delay once since then). After submitting an application in April for May reauthorization, the government got two 60-day extensions, and one more month-long extension, with final approval on October 3, 2011. It appears there was no big problem with getting the extensions (though at one point, Bates had a meeting with DOJ to tell them he was serious about the reapproval process), so presumably any extension in November would have been granted without much fuss.

One other thing that is worth noting. On September 27, 2016, then Assistant Attorney General John Carlin announced he would be leaving in a month. Mary McCord (who announced her own departure today) took over on October 15. So the transition between the two of them would have happened in the weeks before the certificates would have normally been reauthorized. Whatever Carlin’s reasons for leaving (which have never been made public, as far as I know), the transition between the two of them may have exacerbated any delay.


I Con the Record’s “Generally” Useful Section 702 Q&A

As the next step in the effort to reauthorize FISA Section 702, I Con the Record has released a “generally” useful Q&A document on the law. For those who haven’t been following along, it includes links to many (though not all) of the public resources on Section 702. It provides a generally fair overview, with some new almost admissions, which should at least provide Congress with a road map for unanswered questions they should demand answers on.

Downplaying FBI back door searches

My biggest gripe with the report parallels a gripe I’ve had about public testimony on Section 702 since the first confirmations that the NSA, CIA, and FBI can conduct queries on raw data — back door searches. In public hearings, the intelligence community always sends NSA witnesses who can describe, as former NSA lawyer April Doss did in March, a back door search process that is fairly constrained.

I’m most familiar with NSA’s processes: NSA analysts must obtain prior approval to run U.S. person identifier queries in FAA 702 content; there must be a basis to believe the query is reasonably likely to return foreign intelligence information; all queries are logged and reviewed after the fact by NSA; and DoJ and ODNI review every U.S. person query run at NSA and CIA, along with the documented justifications for those queries.

Of course, even though this description is completely true (as far as we know), it is completely useless when it comes to helping Congress understand the problems inherent to back door searches.

Here’s what the Q&A document says about back door searches.

The government’s minimization procedures restrict the ability of analysts to query the databases that hold “raw” Section 702 information (i.e., where information identifying a U.S. person has not yet been minimized for permanent retention) using an identifier, such as a name or telephone number, that is associated with a U.S. person. Generally, queries of raw content are only permitted if they are reasonably designed to identify foreign intelligence information, although the FBI also may conduct such queries to identify evidence of a crime. As part of Section 702’s extensive oversight, DOJ and ODNI review the agencies’ U.S. person queries of content to ensure the query satisfies the legal standard. Any compliance incidents are reported to Congress and the FISC.

[12] Queries of Section 702 data using U.S. person identifiers are sometimes mischaracterized in the public discourse as “backdoor searches.”

While it’s true that NSA and CIA minimization procedures impose limits on when an analyst can query raw data for content (but not for metadata at CIA), that’s simply not true at FBI, where the primary rule is that if someone is not cleared for FISA themselves, they ask a buddy to access the information. As a result, and because FBI queries FISA data for any national security assessment and “with some frequency” in the course of criminal investigations, it conducts a “substantial” number of queries, as opposed to the thousands done by CIA. In other words, that is partly because FBI is a domestic agency and partly because it has broader querying authorities. Here’s how PCLOB describes it:

In 2013, the NSA approved 198 U.S. person identifiers to be used as content query terms.

[snip]

In 2013, the CIA conducted approximately 1,900 content queries using U.S. person identifiers. Approximately forty percent of these content queries were at the request of other U.S. intelligence agencies. Some identifiers were queried more than once; the CIA has advised that approximately 1,400 unique identifiers were queried during this period.

[snip]

The CIA does not track how many metadata-only queries using U.S. person identities have been conducted.

[snip]

[T]he FBI’s minimization procedures differ from the NSA and CIA’s procedures insofar as they permit the FBI to conduct reasonably designed queries “to find and extract” both “foreign intelligence information” and “evidence of a crime.”

[snip]

Because they are not identified as such in FBI systems, the FBI does not track the number of queries using U.S. person identifiers. The number of such queries, however, is substantial for two reasons. First, the FBI stores electronic data obtained from traditional FISA electronic surveillance and physical searches, which often target U.S. persons, in the same repositories as the FBI stores Section 702–acquired data, which cannot be acquired through the intentional targeting of U.S. persons. As such, FBI agents and analysts who query data using the identifiers of their U.S. person traditional FISA targets will also simultaneously query Section 702–acquired data. Second, whenever the FBI opens a new national security investigation or assessment, FBI personnel will query previously acquired information from a variety of sources, including Section 702, for information relevant to the investigation or assessment. With some frequency, FBI personnel will also query this data, including Section 702– acquired information, in the course of criminal investigations and assessments that are unrelated to national security efforts.

So it’s simply dishonest to say that, “Generally, queries of raw content are only permitted if they are reasonably designed to identify foreign intelligence information,” because the most common queries involve national security and common criminal purposes as well. “Generally,” the queries don’t require such things, unless you’re focusing primarily on CIA and NSA, where the threat to US person privacy is the least.

Then, one thing this Q&A doesn’t say is that Judge Thomas Hogan required the FBI to tell FISC of any positive hits on searches for entirely criminal purposes. Congress should know that, because it’s an easy data point that the IC should be able to share with Congress.

And while the document generally describes giving notice to defendants,

Section 706 governs the use of Title VII-derived information in litigation; as with Traditional FISA, it requires the government to give notice to aggrieved persons when the government intends to use evidence obtained or derived from Title VII collection in legal proceedings.

it doesn’t hint at how apparently inadequate this notice has been. Those are all details that Congress needs to know.

Hiding a cybersecurity certificate in the cheap seats?

I’m also interested in how the Q&A describes the purpose of 702. Here are the 5 bullet points describing 702 successes (I’ve changed ODNI’s bullets to numbers for ease of reference):

  1. NSA has used collection authorized under FISA Section 702 to acquire extensive insight into the highest level decision-making of a Middle Eastern government. This reporting from Section 702 collection provided U.S. policymakers with the clearest picture of a regional conflict and, in many cases, directly informed U.S. engagement with the country. Section 702 collection provides NSA with sensitive internal policy discussions of foreign intelligence value.
  2. NSA has used collection authorized under FISA Section 702 to develop a body of knowledge regarding the proliferation of military communications equipment and sanctions evasion activity by a sanctions-restricted country. Additionally, Section 702 collection provided foreign intelligence information that was key to interdicting shipments of prohibited goods by the target country.
  3. Based on FISA Section 702 collection, CIA alerted a foreign partner to the presence within its borders of an al-Qaeda sympathizer. Our foreign partner investigated the individual and subsequently recruited him as a source. Since his recruitment, the individual has continued to work with the foreign partner against al-Qaeda and ISIS affiliates within the country.
  4. CIA has used FISA Section 702 collection to uncover details, including a photograph, that enabled an African partner to arrest two ISIS-affiliated militants who had traveled from Turkey and were connected to planning a specific and immediate threat against U.S. personnel and interests. Data recovered from the arrest enabled CIA to learn additional information about ISIS and uncovered actionable intelligence on an ISIS facilitation network and ISIS attack planning.
  5. NSA FISA Section 702 collection against an email address used by an al-Qaeda courier in Pakistan resulted in the acquisition of a communication sent to that address by an unknown individual located in the United States. The message indicated that the United States-based individual was urgently seeking advice regarding how to make explosives. The NSA passed this information to the FBI. Using a National Security Letter (NSL), the FBI was able to quickly identify the individual as Najibullah Zazi. Further investigation revealed that Zazi and a group of confederates had imminent plans to detonate explosives on subway lines in Manhattan. Zazi and his co-conspirators were arrested and pled guilty or were convicted of their roles in the planned attack. As the Privacy and Civil Liberties Oversight Board (PCLOB) found in its report, “[w]ithout the initial tip-off about Zazi and his plans, which came about by monitoring an overseas foreigner under Section 702, the subway bombing plot might have succeeded.”

The list has two advantages over the lists the IC was releasing in 2013. First, it’s more modest about its claims, not, this time, listing every quasi-thwarted terrorist funding opportunity as a big success. In addition, it describes all three confirmed certificates (from the Snowden documents): counterterrorism (bullets 3 through 5), counterproliferation (2), and foreign government (1, though if this is Iran, it might also be counterproliferation). It also admits that one point of all this spying is to find informants (bullet 3), even if not as explicitly as some court filings and IG reports do. That purpose, and the associated sensitivities (including whether and how it is used by FBI), is one thing all members of Congress should be briefed on.

That said, the description of the foreign government certificate doesn’t come close to describing the kinds of people who might be swept up in it, and as such provides what I believe to be a misleading understanding of who might be targeted under 702.

Note, too, the silence about the use of certificates for counterintelligence purposes, which the government surely does. Again, that would present different threats to Americans’ privacy.

Then there’s the last sentence of the document, in the upstream collection section.

Furthermore, this collection has allowed the IC to acquire unique intelligence that informs cybersecurity efforts.

Oh, huh, what’s that doing there in the last line of the document rather than in the successes section?

From the very first public discussions of 702 after Edward Snowden, ODNI included cybersecurity among the successes, even before it had a certificate. In fact, the document released June 8, 2013, just three days after the first Snowden release, echoed some of the same language:

Communications collected under Section 702 have provided significant and unique intelligence regarding potential cyber threats to the United States including specific potential computer network attacks. This insight has led to successful efforts to mitigate these threats.

This is a problem! Whether or not upstream 702 could be used for cyber purposes has been an undercurrent since the first USA Freedom Act. There are conflicting reports on whether NSA did obtain a cyber certificate in 2012, as they hoped to, or whether that was denied or so limited that it didn’t serve the function the NSA needed. I’ve even been told that CISA is supposed to serve the same purpose. That said, FBI’s minimization procedures (but not, by my read, NSA’s) include some language directed at cybersecurity.

Congress deserves to have a better sense of whether and how the government is using upstream 702 for cybersecurity, because there are unique issues associated with it. It’s clearly a great application of upstream searches, but not one without some risks. So the government should be more clear about this, at least in classified briefings available to all members.

Admitting NSA uses Section 704 not Section 703

Finally, this language is as close as the IC has come to admitting that it uses Section 704, not Section 703, to target Americans overseas.

In contrast to Section 702, which focuses on foreign targets, Section 704 provides additional protection for collection activities directed against U.S. persons located outside of the United States. Section 2.5 of Executive Order 12333 requires the AG to approve the use of “any technique for which a warrant would be required if undertaken for law enforcement purposes” against U.S. persons abroad for intelligence purposes. The AG’s approval must be based on a determination that probable cause exists to believe the U.S. person is a foreign power or an agent of a foreign power. Section 704 builds upon these pre-FAA requirements and provides that, in addition to the AG’s approval, the government must obtain an order from the FISC in situations where the U.S. person target has “a reasonable expectation of privacy and a warrant would be required if the acquisition were conducted inside the United States for law enforcement purposes.” The FISC order must be based upon a finding that there is probable cause to believe that the target is a foreign power, an agent of a foreign power, or an officer or employee of a foreign power and that the target is reasonably believed to be located outside the United States. By requiring the approval of the FISC in addition to the approval of the AG, Section 704 provides an additional layer of civil liberties and privacy protection for U.S. persons located abroad.

In addition to Sections 702 and 704, the FAA added several other provisions to FISA. Section 701 provides definitions for Title VII. Section 703 allows the FISC to authorize an application targeting a U.S. person located outside the U.S. when the collection is conducted inside the United States. Like Section 704, Section 703 requires a finding by the FISC that there is probable cause to believe that the target is a foreign power, an agent of a foreign power, or an officer or employee of a foreign power and is reasonably believed to be located outside the United States.

I’ve written about the distinction here.

Now, in theory, the authority used may not make a difference. Moreover, it’s possible that the NSA simply uses 705b for Americans overseas, meaning they can rely on domestic providers for stored Internet data, while using their more powerful spying for overseas content (in which case Congress should know that too).

But I also think the methods used may have an impact on US persons’ privacy, both the target and others. I’ll try to lay this out in a post in the coming days.

All of which is to say, this document is useful. But there are a few areas — particularly with FBI back door searches, which is the most important area — where the document gets noticeably silent.

 


Ron Wyden’s Complaints about Section 702

In this post, I reviewed the Intelligence Community’s dubious history of refusing to count how many Americans get swept up under FISA Section 702. Of particular note, I showed that when Wyden first asked for a number of how many Americans were sucked up, the NSA was in the process of conducting a partial count (on how many Americans were caught up in one kind of upstream collection); yet the government neither told Wyden that count was going on nor answered his question. Even the limited count NSA conducted resulted in a FISC ruling that the US person collection violated the Constitution.

I wanted to turn, now, to the litany of concerns about Section 702 Ron Wyden laid out earlier this week.

Ultimately, Wyden’s biggest concern is about reverse targeting.

But before he gets there, he lays out a number of ways Americans can be sucked in, some of which are familiar, some of which are less so.

Upstream collection

For example, he lays out MCTs (when a completely unrelated communication is sucked in with a targeted one) and SCTs (when an about communication picks up an entirely domestic communication). About this, Wyden notes no foreigners need to be involved.

The law only requires that one of the parties to the communication who again could be another American is overseas and even that requirement is hard for the government to meet in practice. So the implications here ought to be pretty obvious. You don’t even have to be communicating with one of the government’s targets to be swept up in Foreign Intelligence Surveillance Act collection. You don’t even have to be communicating with a foreigner.

Note, especially, his point that the requirement that one communication be overseas “is hard for the government to meet in practice.”

Tasking errors

Wyden describes accidental targeting — which (given my review of all available reporting, at least) is very closely policed.

The first are targeting mistakes in which contrary to the law, the target turns out to be an American or someone in the United States. The full impact of these mistakes on law-abiding Americans is not readily apparent. The most recent public report on section 702 noted that there were compliance incidents involving surveillance of foreigners in the United States and surveillance of Americans.

Tasking problems are closely policed, but as Wyden notes, the most recent report showed a number of tasking problems, representing a big spike in the number of such compliance problems.

My working hypothesis is that the increase in identified tasking problems stems from the implementation of additional documentation in response to the PCLOB report. Most of this spike is related to one office completely misapplying a certificate (which makes me wonder if there’s a new, possibly fourth, certificate). But there were also tasking errors. The unredacted section actually says none of these affected US persons and people in the US, but there are three paragraphs redacted that may describe older tasking problems.

One foreigner list-servs

Wyden also notes that it only takes one person on an email to grant the entire email foreignness designation.

It is also important to note that the government is prohibited from collecting communications only when the sender of an e-mail and everyone receiving that e-mail are in the United States. So an American in the United States can send an e-mail to another American in the United States, but if the e-mail also goes to an overseas target, it’s going to be collected. So that then brings us to the different kinds of collection under section 702 and how it affects the liberties of our people in different ways.

Imagine a group of people — say hackers — collaborating on some IRC channel where one known participant was foreign. That would meet the foreignness designation and lead to the collection of everyone, American or not, participating.

American business people doing business overseas

Wyden also emphasizes that the definition of “foreign intelligence” is so broad that the target doesn’t have to be suspected of any wrongdoing.

The statute requires that the collection be conducted, quote, to acquire foreign intelligence information. As implemented the standard for targeting individuals under the program is that the government has reason to believe that these persons possess or are expected to receive or are likely to communicate foreign intelligence information. Obviously that is broad. It doesn’t even require that a target be suspected of wrongdoing.

And it’s in that context that he raises the possibility that an “American business leader” could easily be collected.

[T]hink about how easy it would be for an American business leader to be in contact with a broad set of potential targets of this program. Consider how easy it would be for Americans communicating with other Americans to forward the e-mails of these people. All of this could be collected by the government.

Of course, any business person could be collected in such a way (or scientists, which appears to be what has gotten a lot of Chinese-American scientists in trouble).

Reverse targeting

But as I said, Wyden seems most concerned about the standard for reverse targeting, which he raised as a newly urgent concern in 2013. According to the standard currently implemented, reverse targeting is extremely rare — perhaps just three instances, with the most recent occurring in the December 2014 to May 2015 period.

One of NSA’s tasking errors involved the tasking of a facility that was used by a non-United States person located outside the United States that was determined to involve reverse targeting.

[snip]

In this incident, the Attorney General authorized the targeting of the United States person pursuant to Section 705(b) of FISA. This reverse targeting incident resulted from an NSA analyst misunderstanding the reverse targeting prohibition and not because an NSA analyst intentionally attempted to violate Section 702 or NSA policy.

The American being targeted was overseas and got targeted, under Section 705(b) anyway. A completely redacted footnote excuses the analyst’s error.

But Wyden suggests that several other factors may lead to more reverse targeting than gets identified by the current standard of review. He suggests back door searches (which he notes Bush didn’t do, at least not for the first several years of PRISM, though I suspect it actually happened at FBI) make the problem worse.

This issue was concerning in 2008 when the Foreign Intelligence Surveillance Act amendments passed with a prohibition on reverse targeting, but that was before the Congress knew about the collection of e-mails that are only about a foreign target and that could be to and from Americans. That was before the Obama administration sought and obtained authority to conduct warrantless searches for communications to, from and about Americans out of section 702 PRISM collection.

[snip]

Before 2011, the FISA court prohibited, prohibited queries for U.S. persons. I’m going to repeat that: Under the Bush Administration and the first two years of the Obama Administration, it was not possible to conduct these back-door, warrantless searches of law-abiding Americans. Then the Obama Administration sought to change the rules and obtained authority to conduct them.

While he doesn’t provide much detail, he points to the expanded ability of those doing the back door searches (presumably, I’d imagine, those at CIA and FBI) to also nominate people for targeting.

Each of the agencies authorized to conduct these warrantless searches, the N.S.A., the F.B.I., the C.I.A., are also authorized to identify the overseas targets of section 702. The agencies that have developed an interest in Americans’ communications and are actually looking for these communications are the same agencies that are in a position to encourage ongoing collection of those communications by targeting the overseas party.

Such targeting still has to undergo NSA targeting review, meaning the actual target has to be overseas and have, according to NSA’s review team, foreign intelligence value unto himself. But it would be fairly easy for the FBI to target someone known to communicate prolifically with an American to be able to get the American’s side of the conversation. To make things worse, FBI has devolved its targeting to field offices, and I’m not convinced the reviews of field offices are as rigorous as they were at Headquarters. Not all field offices even get reviewed (though I assume the ones doing the most foreign targeting are), and the tracking on US persons caught up in all this has diminished with the devolution.

I share Wyden’s concerns — especially given NSA’s dodgy response to the Snowden documents released last year.

Given the volume of information the NSA and, derivatively, CIA and FBI, collect, it would be very easy to get away with reverse targeting, particularly the more you move targeting into the hands of people leading investigations, as has happened at FBI.

Wyden is not the only one concerned about this. Ted Lieu, fresh off the classified 702 briefing last week, seemed pretty concerned as well (as well as Rand Paul, though I’m not sure if Paul has had briefing on this). We won’t get the kind of granularity we need to understand how big of a problem this is.


One Way to Hide Section 702 Spying on US Persons

I noted something in the batch of Semiannual Section 702 Assessments I Con the Record released in January that may explain one reason why the government has such problems giving defendants who’ve been captured in Section 702 surveillance the notice required under the law.

Starting with the 14th Assessment (the one released in February 2016, which covers December 2014 to May 2015 and which also began to integrate feedback from PCLOB), the assessments started to reveal that disseminated reports don’t identify where information on a US Person comes from.

23 (C//NF) NSA does not maintain records that allow it to readily determine, in the case of a report that includes information from several sources, from which source a reference to a U.S. person was derived. Accordingly, the references to U.S. person identities may have resulted from collection pursuant to Section 702 or from other authorized signals intelligence activity conducted by NSA that was reported in conjunction with information acquired under Section 702. Thus, the number provided above is assessed to likely be over-inclusive. NSA has previously provided this explanation in its Annual Review pursuant to Section 702(l)(3) that is provided to Congress.

Presumably, the reports track that intelligence in the report comes from Section 702, or else they wouldn’t be able to track how often serialized reports contain US person information derived from Section 702- or PAA-acquired data, which is where this footnote appears. (In this reporting period, 9.7% of reports included US person information.) But they don’t track which tidbits come from 702 and which come from — say — EO 12333 authorized information or foreign partners.

Given that these reports get circulated outside of NSA (and even outside those people cleared into Section 702), that might mean someone with a dual intelligence/law enforcement role would see the information, pursue further investigation, and yet not know that the investigation “derived” from 702 data, which would then mean the defendant might never get notice.


The Easy Section 702 Surveillance Number James Clapper Can Share

Last week, a bunch of House Judiciary Committee members sent James Clapper a letter stating that before the Committee deals with Section 702 reauthorization next year, they’d like:

  • The number of telephone communications in which one caller is located in the United States
  • The number of Internet communications acquired through upstream collection that originate or terminate in the United States
  • The number of communications of or concerning U.S. persons that the NSA positively identifies as such in the routine course of its work

They asked for those numbers by May 6.

In response, Clapper is humming and hawing about “several options” for disclosing how many Americans get spied on under Section 702.

Clapper said that “any methodology we come up with will not be completely satisfactory to all parties.”

“If we could have made such an estimate and if such an estimate were easy to do — explainable without compromise — we would’ve done it a long time ago,” he said.

We just learned there is, however, one number that should be easy-peasy to make public (and one I’m frankly alarmed the HJC members didn’t mention, as they should have known about it for some time): the number of back door searches FBI conducts on Section 702 data for reasons other than national security.

As I noted the other day, in response to FISC amicus (and former Eric Holder counsel) Amy Jeffress’ argument that FBI’s back door searches of Section 702 are unconstitutional, Thomas Hogan required FBI “submit in writing a report concerning each instance … in which FBI personnel receive and review Section 702-acquired information that the FBI identifies as concerning a United States person in response to a query that is not designed to find and extract foreign intelligence information.” As I noted, that’s an easily gamed number — I’m sure FBI treats a lot of criminal matters as national security ones, and FBI has the ability to see if there is 702 data without looking at it, permitting it to see if the same data is available under another authority.

Nevertheless, DOJ must have an exact number of reports they’ve submitted in response to this reporting requirement, which has been in place for over four months.

That’s not to say HJC shouldn’t insist on getting estimates for all the other numbers they’re seeking. But they should also demand that this number — the number of times FBI is using a foreign intelligence exception for criminal prosecutions that should be subject to a probable cause standard — be made public.


The Government Admits 9 Defendants Spied On Under Section 702 Have Not Gotten FISA Notice

As I noted, in his opinion approving the Section 702 certifications from last year, Judge Thomas Hogan had a long section describing the 4 different kinds of violations the spooks had committed in the prior year.

One of those pertained to FBI agents not establishing an attorney-client review team for people who had been indicted, as mandated by the FBI’s minimization procedures.

In his section on attorney-client review team violations, Hogan describes violations in all four of the Quarterly Reports submitted since the previous 702 certification process: December 19, 2014, March 20, 2015, June 19, 2015, and September 18, 2015. He also cites three more Preliminary Compliance Reports that appear not to be covered in that September 18, 2015 report: one on September 9, 2015, one on October 5, 2015, and one on October 8, 2015. His further discussion describes the government claiming at a hearing on October 8 to discuss the issue that, thanks to a new system FBI had deployed to address the problem, “additional instances of non-compliance with the review team requirement were discovered by the time of the October 8 Hearing.”

But as Hogan notes in his November 2015 opinion, FBI discovered a lot of these issues because FBI had had a similar problem the previous year and he required them to review for it closely in his 2014 order. A July 30, 2014 letter submitted as part of the recertification process describes two instances in depth: one noticed in February 2014 and reported in the March Quarterly report, and one noticed in April and reported in the June 2014 report, each involving multiple accounts. A footnote to that discussion admits “there have been additional, subsequent instances of this type of compliance incident.”

Set aside, for the moment, the persistence with which FBI failed to set up review teams to make sure prosecutorial teams were not reading the attorney-client conversations of indicted defendants (who are the only ones who get such protection!!!). Set aside the excuses they gave, such as that they thought this requirement — part of the legally mandatory minimization procedures — didn’t apply for sealed indictments or with targets located outside the United States.

Conservatively, this significantly redacted discussion identifies 9 examples (2 reported in Compliance Reports in 2014, at least 1 reported in each of four quarterly Compliance reports between applications, plus 3 individual compliance reports submitted after the September Compliance report) when people who have been indicted had their communications collected under Section 702, whether they were the target of the 702 directives or not.

And yet, as Patrick Toomey wrote in December, not a single defendant has gotten a Section 702 notice during the period in question.

Up until 2013, no criminal defendant received notice of Section 702 surveillance, even though notice is required by statute. Then, after reports surfaced in the New York Times that the Justice Department had misled the Supreme Court and was evading its notice obligations, the government issued five such notices in criminal cases between October 2013 and April 2014. After that, the notices stopped — and for the last 20 months, crickets.

We know both Mohamed Osman Mohamud — who received a 702 notice personally — and Bakhtiyor Jumaev — who would have secondary 702 standing via Jamshid Muhtorov, with whom he got busted — had their attorney-client communications spied on. But that wasn’t (damn well better not have been!!) 702 spying, because both parties to all those conversations were in the US.

These are 9 different defendants who’ve not yet been told they were being spied on under 702.

Why not?

The answer is probably the one Toomey laid out: that even though members of a prosecutorial team were listening in on attorney-client conversations collected under 702, DOJ made sure nothing from those conversations (or anything else collected via 702) got used in another court filing, and thereby avoided the notice requirement.

Based on what can be gleaned from the public record, it seems likely that defendants are not getting notice because DOJ is interpreting a key term of art in Fourth Amendment law too narrowly — the phrase “derived from.” Under FISA itself, the government is obliged to give notice to a defendant when its evidence is “derived from” Section 702 surveillance of the defendant’s communications. There is good reason to think that DOJ has interpreted this phrase so narrowly that it can almost always get around its own rule, at least in new cases.

It is clear from public reporting and DOJ’s filings in the ACLU’s lawsuit that it has spent years developing a secret body of law interpreting the phrase “derived from.” Indeed, from 2008 to 2013, National Security Division lawyers apparently adopted a definition of “derived” that eliminated notice of Section 702 surveillance altogether. Then, after this policy became public, DOJ came up with something else, which produced a handful of notices in existing cases.

Savage reports in Power Wars that then-Deputy Attorney General James Cole decided that Section 702 information had to have been “material” or “critical” to trigger notice to a defendant. But the book doesn’t provide any details about the legal underpinnings for this rule or, crucially, how Cole’s directive was actually implemented within DOJ. The complete absence of Section 702 notices since April 2014 suggests DOJ may well have found new ways of short-circuiting the notice requirement.

One obvious way DOJ might have done so is by deeming evidence to be “derived from” Section 702 surveillance only when it has expressly relied on Section 702 information in a later court filing — for instance, in a subsequent FISA application or search warrant application. (Perhaps DOJ’s interpretation is slightly more generous than this, but probably not by much.) DOJ could then avoid giving notice to defendants simply by avoiding all references to Section 702 information in those court filings, citing information gleaned from other investigative sources instead — even if the information from those alternative sources would never have been obtained without Section 702.

So these 9 mystery defendants don’t tell us anything new. They just give us a number — 9 — of defendants the government now has officially admitted have been spied on under 702 who have not been told that.

As I noted, Judge Hogan did not include this persistent attorney-client problem among the things he invited Amy Jeffress to review as amicus. Whether or not she would have objected to the persistent violation of FBI’s minimization procedures, a review of them would also have given her evidence from which she might have questioned FBI’s compliance with another part of 702, that defendants get notice.

But DOJ seems pretty determined to flout that requirement going forward.


More Evidence Secret “Tweaks” To Section 702 Coming

Way at the end of yesterday’s Senate Intelligence Committee Global Threats hearing, Tom Cotton asked his second leading question permitting an intelligence agency head to ask for surveillance, this time asking Admiral Mike Rogers whether he still wanted Section 702 (the first invited Jim Comey to ask for access to Electronic Communications Transactions Records with National Security Letters, as Chuck Grassley had asked before; Comey was just as disingenuous in his response as the last time he asked).

Curiously, Cotton offered Rogers the opportunity to ask for Section 702 to be passed unchanged. Cotton noted that in 2012, James Clapper had asked for a straight reauthorization of Section 702.

Do you believe that Congress should pass a straight reauthorization of Section 702?

But Rogers (as he often does) didn’t answer that question. Instead, he simply asserted that he needed it.

I do believe we need to continue 702.

At this point, SSCI Chair Richard Burr piped up and noted the committee would soon start the preparation process for passing Section 702, “from the standpoint of the education that we need to do in educating and having Admiral Rogers bring us up to speed on the usefulness and any tweaks that may have to be made.”

This seems to parallel what happened in the House Judiciary Committee, where it is clear some discussion about the certification process occurred (see this post and this post).

Note this discussion comes in the wake of a description of some of the changes made in last year’s certification in this year’s PCLOB status report. That report notes that last year’s certification process approved the following changes:

  • NSA added a requirement to explain a foreign intelligence justification in targeting decisions, without fully implementing a recommendation to adopt criteria “for determining the expected foreign intelligence value of a particular target.” NSA is also integrating reviewing written justifications in its auditing process.
  • FBI minimization procedures were revised to reflect how often non-national security investigators could search 702-collected data, and added new limits on how 702 data could be used.
  • NSA and CIA write justifications for conducting back door searches on US person data collected under Section 702, except for CIA’s still largely oversight free searches on 702-collected metadata.
  • NSA and CIA twice (in January and May) provided FISC with a random sampling of its tasking and US person searches, which the court deemed satisfactory in its certification approval.
  • The government submitted a “Summary of Notable Section 702 Requirements” covering the rules governing the program, though this summary was neither comprehensive nor integrated into the FISC’s reauthorization.

As the status report implicitly notes, the government has released minimization procedures for all four agencies using Section 702 (in addition to NSA, CIA, and FBI, NCTC has minimization procedures), but it did so by releasing the now-outdated 2014 minimization procedures as the 2015 ones were being authorized. At some point, I expect we’ll see DEA minimization procedures, given that the shutdown of its own dragnet would lead it to rely more on NSA ones, but that’s just a wildarseguess.

Copyright © 2024 emptywheel. All rights reserved.
Originally Posted @ https://www.emptywheel.net/page/2/?s=Section+702