Posts

What’s the Relationship Database About?

Atrios asks what the whole dragnet is about.

It’s actually a serious question. Maybe it’s just a full employment program for spooks. Maybe they just do it because they can. But the only “real” point to such an extensive surveillance system is to abuse that surveillance (the surveillance itself is already an abuse of course).

At best it’s a colossal fucking waste of money. At worst?

I actually think there are understandable answers for much of this.

Since Michael Hayden took over the NSA, contractors have assumed an increasingly dominant role in the agency, meaning you’ve got a former DIRNSA at Booz Allen Hamilton pitching future Booz VPs on solutions to keep the country safe that just happen to make them fabulously profitable and don’t happen to foreground privacy. As Thomas Drake showed, we’re pursuing the biggest and most privacy invasive solutions because contractors are embedded with the agency.

I think there’s the One Percent approach we got from Dick Cheney, that endorses maximal solutions to hunt terrorists even while avoiding any real accountability (both for past failures and to review efficacy) because of secrecy. We’re slowly beginning to wean ourselves from this Cheney hangover, but it is taking time (and boosters for his approach are well-funded and publicized).

And, at the same time, criminals and other countries have attacked our weak network security underbelly, targeting the companies that have the most political sway, DOD contractors and, increasingly, financial companies, which is setting off panic that is somewhat divorced from the average American’s security. The accountability for cybersecurity is measured in entirely different ways than it is for terrorism (otherwise Keith Alexander, who claims the country is being plundered like a colony, would have been fired years ago). In particular, there is no punishment or even assessment of past rash decisions like StuxNet. But here, as with terrorism, the notion of cost-benefit assessment doesn’t exist. And this panicked effort to prevent attacks even while clinging to offensive cyberweapons increasingly drives the overaggressive collection, even though no one wants to admit that.

Meanwhile, I think we grab everything we can overseas out of hubris we got while we were the uncontested world power, and only accelerated now that we’re losing that uncontested position. If we’re going to sustain power through coercion — and we developed a nasty habit of doing so, especially under Bush — then we need to know enough to coerce successfully. So we collect. Everything. Even if doing so makes us stupider and more reliant on coercion.

So I can explain a lot of it without resorting to bad faith, even while much of that explanation underscores just how counterproductive it all is.

But then there’s the phone dragnet, the database recording all US phone-based relationships in the US for the last 5 years. Read more

3 Tech Issues the Non-Technologist NSA Technical Committee Needs to Address

A number of people are asking why I’m so shocked that President Obama appointed no technologists for his NSA Review Committee.

Here are three issues that should be central to the Committee’s discussions that are, in significant part, technology questions. There are more. But for each of these questions, the discussion should not be whether the Intelligence Community thinks the current solution is the best or only one, but whether it is an appropriate choice given privacy implications and other concerns.

  • Whether the Intelligence Community can accomplish the goals of the Section 215 dragnet without collecting all US person metadata
  • Whether the NSA can avoid collecting Multiple Communication Transactions as part of upstream collection
  • How to oversee unaudited actions of technical personnel

There are just three really obvious issues that should be reviewed by the committee. And for all of them, it would be really useful for someone with the technical background to challenge NSA’s claims to be on the committee.

Whether the Intelligence Community can accomplish the goals of the Section 215 dragnet without collecting all US person metadata

One of the most contentious NSA practices — at least as far as most Americans go — is the collection of all US person phone metadata for the Section 215 dragnet. Yet even Keith Alexander has admitted — here in an exchange with Adam Schiff in a House Intelligence Committee hearing on June 18 — that it would be feasible to do it via other means, though perhaps not as easy.

REP. SCHIFF: General Alexander, I want to ask you — I raised this in closed session, but I’d like to raise it publicly as well — what are the prospects for changing the program such that, rather than the government acquiring the vast amounts of metadata, the telecommunications companies retain the metadata, and then only on those 300 or so occasions where it needs to be queried, you’re querying the telecommunications providers for whether they have those business records related to a reasonable, articulable suspicion of a foreign terrorist connection?

Read more

“Credibility”

An embarrassing number of people in DC have been saying publicly since Friday that we have to launch cruise missiles against Bashar al-Assad or risk the “credibility” of the United States. John McCainMike McCaul. Adam Schiff. Former NSC staffer Barry Pavel.

But this WSJ piece — after describing how central the Saudis were in presenting earlier claims that Assad had used chemical weapons and in the midst of descriptions of how central a role Bandar bin Sultan is playing in drumming up war against Syria — reports that Saudi King Abdullah and others were bitching about US credibility as early as April.

In early April, said U.S. officials, the Saudi king sent a strongly worded message to Mr. Obama: America’s credibility was on the line if it let Mr. Assad and Iran prevail. The king warned of dire consequences of abdicating U.S. leadership and creating a vacuum, said U.S. officials briefed on the message.

Saudi Foreign Minister Prince Saud al-Faisal, who was the first Saudi official to publicly back arming the rebels, followed with a similar message during a meeting with Mr. Obama later that month, the officials said.

I wonder if we started taking Saudi taunts about our credibility more seriously after Bandar made a show of wooing Vladimir Putin?

In any case, here we go, hastily getting involved in the war in Syria and potentially escalating it across the region as a whole, without proper review much less a plan on how to actually improve the situation in Syria.

Credibility.

Apparently, the only kind of credibility that matters for America’s place in the role anymore is if our Saudi overlords suggest we lack credibility if we fail to do their explicit, and long-planned, bidding.

Credibility.

Meanwhile think of all the things American has squandered its position as unquestioned leader of the world without confronting. Poverty, hunger. The most obvious, of course, is climate change.

How much more “credibility” would the United States have by now if, at the start of his Administration, Obama had launched not just a Manhattan project to dramatically curb American use of fossil fuels, but also invested the goodwill Obama had (back before he expanded the drones) to find an equitable, global approach to climate change.

Credibility.

Apparently, the only thing the Villagers in DC think could or should win us “credibility” is in unquestioningly serving as global enforcer against the brutal dictators our brutal dictator friends the Saudis wants us to punish (though the Saudis are quite selective about which brutal dictators they stake our credibility on).

America could have used its power and leadership to earn real credibility. Instead, we’re trying to suck up to Bandar Bush.

GOP Not Anxious to End John Roberts’ Unilateral Reign Appointing FISA Judges

FWIW, Roger “Broccoli” Vinson aside, John Roberts has been appointing some solidly conservative, but nevertheless not lockstep Republicans to the FISA Court in recent years. But especially given the degree to which the FISC is now playing what former FISC judge James Robertson called a policy role, it is all the more inappropriate to have the Chief Justice, of whatever party, unilaterally pick FISC judges.

And some members of Congress — Adam Schiff in the House and Richard Blumenthal in the Senate — are trying to change that.

Curiously, however, while Republicans are happy to cosponsor legislation to force FISC to publish their opinions, Schiff, at least, has had no success finding a Republican cosponsor to support moves to take the FISC appointments out of John Roberts’ hands.

Schiff’s having a tougher time finding GOP co-sponsors for a second measure that would require Presidential nomination and Senate confirmation of FISA judges. Currently they are appointed by U.S. Supreme Court Chief Justice John Roberts.

I guess whatever claims GOP Representatives make about wanting to impose some controls on this dragnet take a back seat to maximizing party influence?

In These Times We Can’t Blindly Trust Government to Respect Freedom of Association

One of my friends, who works in a strategic role at American Federation of Teachers, is Iranian-American. I asked him a few weeks ago whom he called in Iran; if I remember correctly (I’ve been asking a lot of Iranian-Americans whom they call in Iran) he said it was mostly his grandmother, who’s not a member of the Republican Guard or even close. Still, according to the statement that Dianne Feinstein had confirmed by NSA Director Keith Alexander, calls “related to Iran” are fair game for queries of the dragnet database of all Americans’ phone metadata.

Chances are slim that my friend’s calls to his grandmother are among the 300 identifiers the NSA queried last year, unless (as is possible) they monitored all calls to Iran. But nothing in the program seems to prohibit it, particularly given the government’s absurdly broad definitions of “related to” for issues of surveillance and its bizarre adoption of a terrorist program to surveil another nation-state. And if someone chose to query on my friend’s calls to his grandmother, using the two-degrees-of-separation query they have used in the past would give the government — not always the best friend of teachers unions — a pretty interesting picture of whom the AFT was partnering with and what it had planned.

In other words, nothing in the law or the known minimization rules of the Business Records provision would seem to protect some of the AFT’s organizational secrets just because they happen to employ someone whose grandmother is in Iran. That’s not the only obvious way labor discussions might come under scrutiny; Colombian human rights organizers with tangential ties to FARC is just one other one.

When I read labor organizer Louis Nayman’s “defense of PRISM,” it became clear he’s not aware of many details of the programs he defended. Just as an example, Nayman misstated this claim:

According to NSA officials, the surveillance in question has prevented at least 50 planned terror attacks against Americans, including bombings of the New York City subway system and the New York Stock Exchange. While such assertions from government officials are difficult to verify independently, the lack of attacks during the long stretch between 9/11 and the Boston Marathon bombings speaks for itself.

Keith Alexander didn’t say NSA’s use of Section 702 and Section 215 have thwarted 50 planned attacks against Americans; those 50 were in the US and overseas. He said only around 10 of those plots were in the United States. That works out to be less than 20% of the attacks thwarted in the US just between January 2009 and October 2012 (though these programs have existed for a much longer period of time, so the percentage must be even lower). And there are problems with three of the four cases publicly claimed by the government — from false positives and more important tips in the Najibullah Zazi case, missing details of the belated arrest of David Headley, to bogus claims that Khalid Ouazzan ever planned to attack NYSE. The sole story that has stood up to scrutiny is some guys who tried to send less than $10,000 to al-Shabaab.

While that doesn’t mean the NSA surveillance programs played no role, it does mean that the government’s assertions of efficacy (at least as it pertains to terrorism) have proven to be overblown.

Yet from that, Nayman concludes these programs have “been effective in keeping us safe” (given Nayman’s conflation of US and overseas, I wonder how families of the 166 Indians Headley had a hand in killing feel about that) and defends giving the government legal access (whether they’ve used it or not) to — among other things — metadata identifying the strategic partners of labor unions with little question.

And details about the success of the program are not the only statements made by top National Security officials that have proven inaccurate or overblown. That’s why Nayman would be far better off relying on Mark Udall and Ron Wyden as sources for whether or not the government can read US person emails without probable cause than misstating what HBO Director David Simon has said (Simon said that entirely domestic communications require probable cause, which is generally but not always true). And not just because the Senators are actually read into these programs. After the Senators noted that Keith Alexander had “portray[ed] protections for Americans’ privacy as being significantly stronger than they actually are” — specifically as it relates to what the government can do with US person communications collected “incidentally” to a target — Alexander withdrew his claims.

Nayman says, “As people who believe in government, we cannot simply assume that officials are abusing their lawfully granted responsibility and authority to defend our people from violence and harm.” I would respond that neither should we simply assume they’re not abusing their authority, particularly given evidence those officials have repeatedly misled us in the past.

Nayman then admits, “We should do all we can to assure proper oversight any time a surveillance program of any size and scope is launched.” But a big part of the problem with these programs is that the government has either not implemented or refused such oversight. Some holes in the oversight of the program are:

  • NSA has not said whether queries of the metadata dragnet database are electronically  recorded; both SWIFT and a similar phone metadata program queries have been either sometimes or always oral, making them impossible to audit
  • Read more

Pro-Drone Leaks from the Leak Witch Hunt Committees

There are several interesting details in this story describing the claimed attention with which the Intelligence Committees oversee drone killing.

But let’s start with the fact that it largely relies on anonymous staffers from the Intelligence Committees (as well as on-the-record comments Dianne Feinstein has made in other contexts, and two on-the-record quotes from Democratic Congressmen).

“You can see exactly what is going on,” said a senior congressional aide, who, like other officials, spoke about the highly classified program on the condition he not be identified.

[snip]

“I don’t know that we’ve ever seen anything that we thought was inappropriate,” one senior staff member said.

Still, the drone program is under far more scrutiny than in the past, congressional officials say.

[snip]

Members of the oversight committees are limited in their ability to challenge the CIA’s conclusions, a senior staff member cautioned. “I can watch video all day long — I’m not an imagery analyst,” he said. “I can only look to see if the description reasonably concurs with what my untrained eyes are seeing.”

This, in spite of the facts in the article–to say nothing of recent government court filings–making it clear that the program is compartmented.

The lawmakers and aides with the intelligence oversight committees have a level of access shared only by President Obama, his top aides and a small number of CIA officials.

Of particular note, while the article makes clear that HPSCI senior policy advisor and Naval Reserve intelligence officer Tom Corcoran (who it describes as someone with real expertise in reviewing intelligence) did not comment for the article, it does not say whether two former Ag Committee staffers working for Saxby Chambliss on SSCI commented or not.

There’s a lot else in this article deserving of attention: its silence about the oversight of JSOC strikes (which derives from the different oversight rules for the military), conflicting details about the Abu Yahya al Libi strike, the assumptions expressed about visual evidence and real knowledge.

But most of all, I find it notable that just weeks after these staffers’ bosses have declared war on leaks, they’re out there, leaking to spin their bosses’ desired narrative that the bosses exercise adequate oversight over a controversial program.

Adam Schiff Advocates Gutting Miranda

Adam Schiff–a CA Democrat (!)–just filed a bill aiming to not only give prosecutors 4 days to question “terror suspects” before bringing them to court, but also expressing the will of Congress to let them delay Mirandizing suspects “as long as is necessary.”

The bill filed Thursday by Rep. Adam Schiff (D-Calif.) would change federal law by creating a procedure to question a suspected terrorist for up to four days before taking him or her to court without jeopardizing prosecutors’ ability to use statements made by a suspect during that time.

It would also express Congress’s view that authorities can delay reading Miranda warnings “for as long as is necessary” to elicit intelligence from a terror suspect.

I had a whole range of thoughts as I read this. I reminded myself that the time frame Schiff would allow prosecutors to hold people without bringing them to court is just slightly longer than the amount of time our country claims we can legally sleep deprive someone (remember, the reason we delayed bringing Faisal Shahzad to court was because we needed him available 24/7). I’m intrigued by the timing–not long before an election that the White House has said could result in Dems losing the House (and with it, John Conyers and Jerry Nadler losing their Committee and Subcommittee gavels).

But I’m also interested by what Schiff didn’t include in his bill: Any limitation on this to those who present a national security risk (as the hawkish Ben Wittes notes in a quote in the story). So can an environmental activist lose Miranda rights under this bill? Can Quakers?