Alberto Gonzales

1 2 3 8

In 2003, OLC Doubled Down on Unlimited (de)Classification Authority for the President

One of the tactics those in DOJ attempted to use in 2004 to put some controls on Stellar Wind, it appears from the DOJ IG Report, was to point to legal requirements to inform Congress (for example, to inform Congress that the Attorney General had decided not to enforce particular laws), which might have led to enough people in Congress learning of the program to impose some limits on it. For example, Robert Mueller apparently tried to get the Executive to brief the Judiciary Committees, in addition to the Gang of Four, about the program.

On March 16, 2004 Gonzales wrote a letter to Jim Comey in response to DOJ’s efforts to force the Administration to follow the law. Previous reporting revealed that Gonzales told Comey he misunderstood the White House’s interest in DOJ’s opinion.

Your memorandum appears to have been based on a misunderstanding of the President’s expectations regarding the conduct of the Department of Justice. While the President was, and remains, interested in any thoughts the Department of Justice may have on alternative ways to achieve effectively the goals of the activities authorized by the Presidential Authorization of March 11, 2004, the President has addressed definitively for the Executive Branch in the Presidential Authorization the interpretation of the law.

This appears to have led directly to Comey drafting his resignation letter.

But what previous reporting didn’t make clear was that Gonzales also claimed the Administration had unfettered authority to decide whether or not to share classified information (and that, implicitly, it could blow off statutory Congressional reporting requirements).

Gonzales letter also addressed Comey’s comments about congressional notification. Citing Department of the Navy v. Egan, 484 U.S. 518 (1988) and a 2003 OLC opinion, Gonzales’s letter stated that the President has the constitutional authority to define and control access to the nation’s secrets, “including authority to determine the extent to which disclosure may be made outside the Executive Branch.” (TS//STLW//SI/OC/NF) [PDF 504]

I’m as interested in this as much for the timing of the memo — 2003 — as the indication that the Executive asserted the authority to invoke unlimited authority over classification as a way to flout reporting mandates (both with regards to Stellar Wind, but the implication is, generally as well).

The most likely time frame for this decision would be around March 25, 2003, when President Bush was also rewriting the Executive Order on classification (this EO is most famous because it gave the Vice President new authorities over classifying information). If that’s right, it would confirm that Bush’s intent with the EO (and the underlying OLC memo) was to expand the ability to invoke classification for whatever reasons.

And if that OLC opinion was written around the time of the March 2003 EO, it would mean it was on the books (and, surely, known by David Addington) when he counseled Scooter Libby in July 2003 he could leak whatever it was Dick Cheney told him to leak to Judy Miller, up to and including Valerie Plame’s identity.

But I’m also interested that this footnote was classified under STLW, the Stellar Wind marking. That may not be definitive, especially given the innocuous reference to the OLC memo. But it’s possible that means the 2003 opinion — the decision to share or not share classified information according to the whim of the President — was tied to Stellar Wind. That would be interesting given that George Tenet and John Yoo were declaring Iraq and their claimed conspirators in the US were terrorists permissible for surveillance around the same time.

Finally, I assume this OLC memo, whatever it says, is still on the books. And given how it was interpreted in the past — that OLC could simply ignore reporting mandates — and that the government continued to flout reporting mandates until at least 2010, even those tied specifically to surveillance, I assume that the Executive still believes it can use a claimed unlimited authority over classification to trump legally mandated reporting requirements.

That’s worth keeping in mind as we debate a bill, USA F-ReDux, celebrated, in part, for its reporting requirements.

Alberto Gonzales: The Counsel Represented by Counsel and Babysat by Cheney’s Counsel

Footnote 147 of the DOJ IG Report on Stellar Wind (PDF 462-3) modifies a discussion of the discussions on March 6 and 7, 2004 in which Jack Goldsmith and Patrick Philbin informed David Addington and Alberto Gonzales that they could not reauthorize Stellar Wind — in spite of applying a relaxed standard of review — because the White House wanted them to affirm that John Yoo’s November 2, 2001 memo had covered the program, yet Yoo’s memo had not included all aspects of it (this likely pertains to the collection of Internet metadata from telecom switches, though it may also pertain to the collection on Iraqi targets).

After reporting Gonzales’ claimed reaction to the meetings at which DOJ’s lawyers told the White House the program was illegal, the report notes that Gonzales was lawyered up at his IG interview, but later provided further elaboration in writing.

Later on March 6, Goldsmith and Philbin went to the White House to meet with Addington and Gonzales to convey their conclusions that the [2 lines redacted] According to Goldsmith’s chronology of these events, Addington and Gonzales “reacted calmly and said they would get back with us.” Goldsmith told us that the White House was not worried that it was “out there,” meaning that it was implementing a program without legal support.

On Sunday afternoon, March 7, 2004, Goldsmith and Philbin met again with Addington and Gonzales at the White House. According to Goldsmith, the White House officials informed Goldsmith and Philbin that they disagreed with Goldsmith and Philbin’s interpretation of Yoo’s memoranda and on the need to change the scope of the NSA’s collection. Gonzales told us that he recalled the meetings of March 6 and March 7, 2004, but did not recall the specifics of the discussions. He said he remembered that the overall tenor of the meetings with Goldsmith was one of trying to “find a way forward.”147

147 As noted above, Gonzales was represented by counsel during his interview with the OIG. Also present during the interview because of the issue of executive privilege was a Special Counsel to the President, Emmitt Flood. We asked Gonzales whether the President had been informed by this point in time of the OLC position regarding the lack of legal support for the program and [redacted]. Flood objected to the question on relevancy grounds and advised Gonzales not to answer, and Gonzales did not provide us an answer. However, when Gonzales commented on a draft of the report, he stated that he would not have brought Goldsmith and Philbin’s “concerns” to the attention of the President because there would have been nothing for the President to act upon at this point. Gonzales stated that this was especially true given that Ashcroft continued to certify the program as to legality during this period. Gonzales stated he generally would only bring matters to the President’s attention if the President could make a decision about them.

Remember the situation Gonzales would have been in. The interview (and probably, though not certainly, the review of the draft) would have taken place in fall to winter 2008, when Bush was still in office.

Thus, the interview would have happened during the period or just after DOJ IG conducted an investigation into what amounted to a CYA file Gonzales had carried around in his briefcase — documents and draft documents relating to all the illegal programs in which he had been involved, including his notes pertaining to the hospital confrontation over Stellar Wind. There’s reason to believe he was referred for that investigation precisely because it was recognized as a CYA file and he was no longer regarded as loyal on surveillance issues.

In addition, at the time, too, DOJ was still considering whether to file charges against Gonzales for the US Attorney scandal. So it makes sense that Gonzales’ retained lawyer, George Terwilliger, was there (and it is somewhat surprising that, given that John Ashcroft got away without cooperating, Terwilliger let him cooperate).

But then there is Emmet Flood.

Both before and after his tenure in the White House Counsel’s office — where he was brought in to deal with the scandals of the late Bush Administration — Flood was (and remains) a partner at Williams & Connolly. And not just a partner. He was formally part of Dick Cheney’s defense team when Patrick Fitzgerald was honing in on the Vice President for leaking Valerie Plame’s identity, and Flood would remain involved in protecting Cheney even after moved onto the taxpayer dime.

Emmet Flood may have been there in the name of protecting Executive Privilege, but it was not Bush’s privilege Flood was protecting.

So we learn that on March 6, 2004, Goldsmith and Philbin tell Gonzales and Addington that parts of Stellar Wind have never been legal. On March 7, 2004, Gonzales and Addington come back and tell OLC’s lawyers they’re wrong.

And when DOJ’s IG asked Gonzales whether — in the interim day — he had informed the President about this, Cheney’s defense lawyer pipes up and tells him not to answer. Given that Bush apparently learned new details of all this 4 days later when Comey and Robert Mueller would tell him directly, the answer is no (which is consistent with what Gonzales said when Cheney’s lawyer wasn’t present).

Which leaves the logical and thoroughly unsurprising conclusion — but one Cheney’s taxpayer funded lawyer didn’t want included in a legal document — Cheney (who is not a lawyer, nor does he have Article II authority directly) is the one who told Gonzales and Addington to dig in.

Update: Flood also had Gonzales refuse to answer a question about whether anyone had thought to include DOJ in the meeting with Congress.

DC’s Elite: Let Our General Go!

At almost precisely the moment the FBI started investigating who was pestering Tampa Bay socialite Jill Kelley, an investigation that would lead to the resignation and investigation of David Petraeus, John McCain called for an investigation into top Obama officials leaking details of covert ops to make themselves look good.

Outraged by two recent articles published by the New York Times, which exposed the extent of U.S. involvement in cyberattacks made against Iran and the White House’s secret ‘Kill List,’ John McCain (R-Ariz.) and Saxby Chambliss (R-Ga.) took to the Senate floor to admonish the administration, and accuse it of widespread disregard for national security.

“The fact that this administration would aggressively pursue leaks by a 22-year-old Army private in the Wikileaks matter and former CIA employees in other leaks cases, but apparently sanction leaks made by senior administration officials for political purposes is simply unacceptable,” McCain said.

Now, McCain is outraged! that former top Obama official David Petraeus is getting the callous treatment given to those being investigated for leaks.

U.S. Senators John McCain (R-Ariz.) and Lindsey Graham (R-S.C.) today released the following statement on the handling of the investigation into former CIA Director David Petraeus:

“While the facts of the case involving General David Petraeus remain unknown and are not suitable for comment, it is clear that this investigation has been grievously mishandled.

“It is outrageous that the highly confidential and law enforcement-sensitive recommendation of prosecutors to bring charges against General Petraeus was leaked to the New York Times. It is a shameful continuation of a pattern in which leaks by unnamed sources have marred this investigation in contravention to fundamental fairness.

“No American deserves such callous treatment, let alone one of America’s finest military leaders whose selfless service and sacrifice have inspired young Americans in uniform and likely saved many of their lives.”

And of course, McCain had no problem when the first story about poor Petraeus’ treatment appeared in December, quoting lots of McCain’s buddies calling for justice! for Petraeus.

McCain (and his sidekick Lindsey) are not the only ones rending their garments over the injustice of a top Obama official being investigated for leaking classified details to make himself look good. Jason Chaffetz keeps complaining about it. And Dianne Feinstein took to the Sunday shows to declare that Petraeus has suffered enough. Richard Burr apparently made false claims about how the Espionage Act has been wielded, of late, even against those whose leaks caused no harm.

Golly, you’d think all these legislators might figure out they have the authority, as legislators, to fix the overly broad application of the Espionage Act.

Meanwhile, Eli Lake — who launched the campaign to Let Our General Go last month — has an odd story complaining about Petraeus’ treatment. To Lake’s credit, he mentions — though does not quote — how Petraeus celebrated John Kiriakou’s guilty plea. Here’s what Petraeus said then about the importance of respecting your vows to secrecy:

It marks an important victory for our agency, for our intelligence community, and for our country. Oaths do matter, and there are indeed consequences for those who believe they are above the laws that protect our fellow officers and enable American intelligence agencies to operate with the requisite degree of secrecy.

Lake also suggests Paula Broadwell’s job — writing fawning biographies of the man she was fucking — was the same as Bob Woodward’s.

What’s more, Broadwell herself was writing a second book on Petraeus. When Broadwell — a graduate of West Point — was writing her first biography of him, she was given access to top secret information covering the period in which Petraeus commanded allied forces in Afghanistan. This arrangement is common in Washington for established authors. Sources for Bob Woodward, whose books often disclose classified information that is provided to him through semi-official leaks, are not investigated for betraying state secrets.

Maybe it is, maybe Woodward is nothing more than a power-fucker. But it obscures the key difference (which should not be true but is) that when the White House sanctions a book, they get to sanction self-serving leaks for it.

Finally, Lake misstates something about selective treatment.

Senior officials such as Petraeus, who serve at the highest levels of the national security state, are almost never punished as harshly as low- and mid- level analysts who are charged with leaking. When former CIA director John Deutch was found to have classified documents on his unsecure home computer, he was stripped of his security clearance and charged with a misdemeanor. 

An even better example — one not mentioned at all — is when Alberto Gonzales was found to have kept a CYA file, full of draft OLC memos and notes from a briefing on the illegal wiretap program, in a briefcase in his house. He resigned at the beginning of that investigation (and it has never been clear how much that played a role in his resignation; there are many interesting questions about Gonzales’ resignation that remain unanswered). But he suffered no consequences from keeping unbelievably sensitive documents at his house, aside from being denied the sinecure all other Bush officials got.

That said, that’s true of a lot of people in sensitive positions. Of the 40 witnesses who might be called against Jeffrey Sterling, for example, 6 have been found to have mistreated classified information (as has Sterling himself); that includes his direct supervisor while at CIA as well as 3 others cleared into the Merlin op (and I’m certain that doesn’t include Condi Rice, whose testimony the AIPAC defendants would have used to show how common leaking to the press was, nor does it include one other witness I strongly suspect has been involved in another big leak case). CIA withheld that detail from DOJ until right before the trial was due to start in 2011. But it does offer at least one metric of how common mistreating classified information is.

The prosecution of it, of course, is very selective. And that’s the problem, and David Petraeus’ problem, and Congress’ problem.

Yet that won’t ensure that Congress does anything to fix that problem with the means at their disposal, legislating a fix to stop the misuse of the Espionage Act. That’s because they like the overly broad use of it to cudgel leakers they don’t like. Just not the ones they’re particularly fond of.

Former NSA General Counsel Robert Deitz, Who Rubber-Stamped Illegal Wiretap Program, Says All Felonies Should Be Prosecuted

I’m watching a CUNY conference on sources and secrets, which currently has a panel including Bob Woodward, Jane Mayer, and former NSA General Counsel Robert Deitz.

When asked whether he could think of a leak that had been damaging, Deitz said the exposure of the illegal (he called it “special”) wiretap program had been damaging.

Then, in the context of prosecuting leaks, Deitz argued that all leaks should be prosecuted, because they involve a felony violation of an oath (that’s not always true, but I’ll just accept that Deitz believes all felonies should be prosecuted). He went on to say, “How is it you put a line around this felony and not prosecute it?”

According to the 2009 Draft NSA IG Report, Deitz, on September 20, 2001, suggested to Alberto Gonzales they should consider modifying FISA (which was then being modified as part of the PATRIOT Act); he appears to have gotten no answer. On October 5, 2001 — having asked but not been permitted to read the underlying OLC authorization for it (Addington read him a few lines over the phone), having not participated in the drafting of the Presidential Authorization for it, and having given it just one day of legal review — Deitz said a program violating the exclusivity provision of FISA was legal. On October 8, Deitz briefed the analysts who would carry out this illegal program.

Deitz’ subordinates provided the only oversight of the program at first. (Later in today’s program he claimed the line between domestic and foreign intelligence was rigorously maintained.) To his credit, Deitz ultimately fought to have the Inspector General read into the program after it had operated for some months.

This is a man who provided the legal fig leaf for a patently illegal program (though the IG Report provides no details of Deitz’ actions for the March to May 2004 timeframe, when the program was even more illegal). This is a man who showed awareness of the legally correct way to do this — include this expanded program in PATRIOT — but nevertheless accepted and participated in not doing so.

And he advocates prosecuting every felony.

Perhaps before he talks about prosecuting journalists and their sources, he should consider his own role in encouraging felonies?

The Lapses in Dragnet Notice to Congress

I’m at a great conference on national security and civil liberties. Unfortunately, speakers have repeatedly claimed that NSA fully informs Congress on its programs.

Even setting aside Dianne Feinstein’s admission that the intelligence committees exercise less oversight over programs conducted under EO 12333, there are a number of public documents that show the Executive failing to fully inform Congress:

April 27, 2005: Alberto Gonzales and Robert Mueller brief SSCI on PATRIOT Authorities in advance of reauthorization. They make no mention of the use of PR/TT to gather Internet metadata, much less the violations of Colleen Kollar-Kotelly limits on the kind of data collected during the first period of its use.

October 21, 2009: A Michael Leiter and NSA Associate Deputy Director briefing to the House Intelligence Committee pointed to the September 3, 2009 phone dragnet reauthorization as proof that NSA had regained FISC’s confidence, without mentioning further violations on September 21 and 23 — violations that NSA did not inform FISC about.

August 16, 2010: DOJ did not provide the Intelligence and Judiciary Committees with some of the pre-July 10, 2008 FISC rulings providing significant constructions of FISA pertaining to — at a minimum — Section 215 until after the first PATRIOT Reauthorization.

February 2, 2011: House Intelligence Chair Mike Rogers did not invite members of Congress to read the 2011 notice about the phone and Internet dragnets. Approximately 86 freshmen members — 65 of whom voted to reauthorize the PATRIOT Act, a sufficient number to tip the vote — had no opportunity to read that notice.

May 13, 2011: In a briefing by Robert Mueller and Valerie Caproni designed to substitute for the Executive’s notice to Congressmen about the phone and Internet dragnets, the following exchange took place.

Comment — Russ Feingold said that Section 215 authorities have been abused. How does the FBI respond to that accusation?

A — To the FBI’s knowledge, those authorities have not been abused.

While the balance of the briefing remains redacted, this seems to suggest the FBI did not brief House Republicans about the dragnet violations.

September 1, 2011: NSA did not provide notice to the House Judiciary Committee about its testing of geolocation data under Section 215 until after the reauthorization of PATRIOT Act, in spite of the fact that it had been conducting such tests throughout the 2010 and 2011 debates on the PATRIOT Act.

The NSA versus “Issue-Based Extremists”

The CBC has a Snowden-based story about how the NSA helped Canada’s Communications Security Establishment Canada in advance of and during the G20 held in Toronto in 2010. That isn’t all that surprising. As the story notes, it’s consistent with other stories of NSA spying surrounding international diplomatic meetings.

But the story does note that the Snowden documents make it clear there was no specific al Qaeda threat. Instead, the “threat” to the meeting came from “issue-based extremists.”

Much of the secret G20 document is devoted to security details at the summit, although it notes: “The intelligence community assesses there is no specific, credible information that al-Qa’ida or other Islamic extremists are targeting” the event.

No matter. The NSA warns the more likely security threat would come from “issue-based extremists” conducting acts of vandalism.

The comment reminds me of a paragraph in testimony Alberto Gonzales and Robert Mueller gave to the Senate Intelligence Committee in 2005, in advance of the first PATRIOT Act reauthorization. The testimony is notable for Gonzales and Mueller’s silence about the use of Pen Registers to collect a significant chunk of all the Internet-based metadata in the US (NSA had already been caught collecting “metadata” that was really “content” by then), even while he emphasized the “relevant to” language that had been added to Pen Registers in 2001.

Sensibly, Section 214 of the USA PATRIOT Act simplified the standard that the government must meet in order to obtain pen/trap data in national security cases. Now, in order to obtain a national security pen/trap order, the applicant must certify “that the information likely to be obtained is foreign intelligence information not concerning a United States person, or is relevant to an investigation to protect against international terrorism or clandestine intelligence activities.” Importantly, the law requires that such an investigation of a United States person may not be conducted solely upon the basis of activities protected by the First Amendment to the Constitution.

Section 214 should not be permitted to expire and return us to the days when it was more difficult to obtain pen/trap authority in important national security cases than in normal criminal cases. This is especially true when the law already includes provisions that adequately protect the civil liberties of Americans. I urge you to reauthorize section 214.

Over the course of the reauthorization process, of course, Congress added that “relevance” language to Section 215, which served as the basis for the phone dragnet of all American’s phone calls.

But the paragraph of the Gonzales/Mueller testimony that stuck out at me described how PATRIOT Section 203 — which permitted the sharing of Grand Jury, wiretap, and other criminal investigation information with intelligence professionals — had authorized information sharing at similar high profile meetings. After 8 bullet point examples showing how this information sharing had supported terrorism (or Iraqi) investigations, the testimony then revealed it had been used to authorize information sharing during 2004’s G-8 and Presidential Conventions.

In addition, last year, during a series of high-profile events — the G-8 Summit in Georgia, the Democratic Convention in Boston and the Republican Convention in New York, the November 2004 presidential election and other events — a task force used the information sharing provisions under Section 203(d) as part and parcel of performing its critical duties. The 2004 Threat Task Force was a successful inter-agency effort where there was a robust sharing of information at all levels of government.

Now perhaps these big meetings faced an Al Qaeda threat in 2004 that the G-20 didn’t face in 2010. But I’m cognizant that PATRIOT defines “foreign intelligence information” to include “sabotage,” which might be used to treat legitimate “issue-based extremists” as terrorists.

We already know that anti-war protestors (the kind of “single-issue extremists” who protested in big numbers in 2004) were investigated as terrorists as early as 2002, though DOJ professed to be unable to connect all the investigations together. Indeed, precisely that kind of “criminal” investigation started in local FBI offices is the kind of information that might be shared under PATRIOT 203(d) with a Task Force facing protestors.

We don’t know, from this one paragraph, what kind of information the government shared in 2004 in the name of “foreign intelligence.” But the 2010 Canadian example suggests the government is still (or was, as recently as 2010) treating legitimate protestors as outside infiltrators. Which makes it likely that the US did the same back during the height of anti-Iraq War protests.

Wrong Agency, Wrong Minimization: Two More Ways the Original Phone Dragnet Application Violated the Law

In addition to everything else several of us have been pointing out in the original Internet metadata opinion and the phone metadata application, there are two more problems with the phone dragnet.

They’re using the wrong agency and the wrong minimization procedures.

Section 215 reads, in part:

[T]he Director of the Federal Bureau of Investigation or a designee of the Director (whose rank shall be no lower than Assistant Special Agent in Charge) may make an application for an order requiring the production of any tangible things [my emphasis]

Here’s who signed the application that kicked off the phone dragnet program:

Screen shot 2013-11-19 at 3.02.54 PM

 

This is probably the lesser of these two problems. After all, the law permits the FBI Director to delegate this, and delegating the application to your boss is probably perfectly fine. Though it is a bit of a conflict if the boss in question was, in part, trying to legalize a program that had operated under his purview when he worked at the White House.

The problem becomes bigger still given that there’s no explanation of how it is that an NSA declaration serves as backup for an application to obtain data for the NSA, the use of which is limited to FBI. At least in what we get (which, remember, is what got produced to Congress, not what got submitted to the Court), there’s no discussion of that process.

The other problem is a bit more complicated. As I described last week, the 2006 Reauthorization of the PATRIOT Act included a new requirement that the Attorney General develop minimization procedures for Section 215.

(1) IN GENERAL- Not later than 180 days after the date of the enactment of the USA PATRIOT Improvement and Reauthorization Act of 2005, the Attorney General shall adopt specific minimization procedures governing the retention and dissemination by the Federal Bureau of Investigation of any tangible things, or information therein, received by the Federal Bureau of Investigation in response to an order under this title.

(2) DEFINED- In this section, the term `minimization procedures’ means–

(A) specific procedures that are reasonably designed in light of the purpose and technique of an order for the production of tangible things, to minimize the retention, and prohibit the dissemination, of nonpublicly available information concerning unconsenting United States persons consistent with the need of the United States to obtain, produce, and disseminate foreign intelligence information;

(B) procedures that require that nonpublicly available information, which is not foreign intelligence information, as defined in section 101(e)(1), shall not be disseminated in a manner that identifies any United States person, without such person’s consent, unless such person’s identity is necessary to understand foreign intelligence information or assess its importance;

This post describes how DOJ basically blew off that requirement and — at least according to former DOJ Inspector General Glenn Fine — instead used existing procedures that didn’t meet the terms of the law.

Given that this application passed just 2 months after the Reauthorization, this dragnet application was probably one of the earliest Section 215 applications submitted after the Reauthorization so there might have been a discussion about this new requirement anyway. But in this case, the new requirement should have posed an additional problem. The data went not to FBI, but immediately to NSA, an enormous database of non-publicly available of information pertaining to US persons, handed off without a hint of minimization first.

Here’s how the application dealt with minimization procedures.

NSA will apply the existing (Attorney General approved) guidelines in United States Signals Intelligence Directive 18 (1993) … to minimize the information reported concerning U.S. persons.

USSID 18 is supposed to be less restrictive than FBI minimization procedures (though FBI data gets shared freely with other agencies).

There’s not only no discussion in this application of how USSID 18 meets the terms of the law, but there’s no discussion of what it means that NSA basically got unminimized data for which FBI is, by law, the proper recipient, which should be the most voluminous minimization violation ever.

And yet … the application doesn’t even acknowledge this problem at all.

The “Heroes” of the Hospital Confrontation Brief the FISC

I’m going to have several posts on the documents released yesterday, starting with the Internet dragnet opinion and the phone dragnet application.

But to give those two background, I want to look at a passage in the Internet dragnet opinion, in which Colleen Kollar-Kotelly describes a fascinating briefing that she received in advance of authoring what Orin Kerr describes as a “quite strange” opinion.

After describing some declarations she received (including one from a person whose title remains redacted) and some questions she posed, she describes this briefing.

The Court also relies on information and arguments presented in a briefing to the Court on [redacted] which addressed the current and near-term threats posed by [redacted reference to Al Qaeda and others], investigations conducted by the Federal Bureau of investigation (FBI) to counter those threats, the proposed collection activities of the NSA (now described in the instant application), the expected analytical value of information so collected in efforts to identify and track operatives [redacted] and the legal bases for conducting these collection activities under FISA’s pen register/trap and trace provisions. 4

4 This briefing was attended by (among others) the Attorney General; [redacted] the DIRNSA; the Director of the FBI; the Counsel to the President; the Assistant Attorney General for the Office of Legal Counsel; the Director of the Terrorist Threat Integration Center (TTIC); and Counsel for Intelligence Policy.

That is, right at the beginning of her opinion, Kollar-Kotelly tells us that she had a briefing with:

  • AG John Ashcroft
  • [redacted]
  • DIRNSA Michael Hayden
  • FBI Director Robert Mueller
  • Counsel to the President Alberto Gonzales
  • AAG for OLC Jack Goldsmith
  • TTIC Director John Brennan
  • Counsel for OIPR James Baker

On page 30, Kollar-Kotelly seems to refer to the same redacted person again, which in the context of the reference to CIA v. Sims in that footnote, seems to suggest this is a reference to CIA Director George Tenet, which suggests the redacted author of the brief she relied on was authored by Tenet. (I leave open the more tantalizing possibility that it’s someone like Dick Cheney, but highly doubt it.)

So before she approved the use of FISA’s Pen Register to collect much of the Internet metadata in the US, she had a meeting with at least one of the villains — Alberto Gonzales — of the hospital confrontation at which DOJ refused to reauthorize the Internet metadata program that was part of the President’s illegal wiretap program, and at least three of its “heroes:” Ashcroft, Mueller, and Goldsmith.

Interestingly, this meeting does not appear — at least not described as such — in the Draft NSA IG Report description of the transition to a FISC order.

After extensive coordination, DoJ and NSA devised the PRITT theory to which the Chief Judge of the FISC seemed amenable. DoJ and NSA worked closely over the following months, exchanging drafts of the application, preparing declarations, and responding to questions from court advisers. NSA representatives explained the capabilities that were needed to recreate the Authority, and DoJ personnel devised a workable legal basis to meet those needs. In April 2004, NSA briefed Judge Kollar-Kotelly and a law clerk because Judge Kollar-Kotelly was researching the impact of using PSP-derived information in FISA applications. In May 2004, NSA personnel provided a technical briefmg on NSA collection of bulk Internet metadata to Judge Kollar-Kotelly. In addition, General Hayden said he met with Judge Kollar-Kotelly on two successive Saturdays during the summer of 2004 to discuss the on-going efforts.

Was this “briefing” one of the Saturday meetings Hayden had with FISC’s Presiding Judge?

Remember, David Kris described the genesis of the bulk collection programs this way, in a paper emphasizing the role of the Internet dragnet.

More broadly, it is important to consider the context in which the FISA Court initially approved the bulk collection. Unverified media reports (discussed above) state that bulk telephony metadata collection was occurring before May 2006; even if that is not the case, perhaps such collection could have occurred at that time based on voluntary cooperation from the telecommunications providers. If so, the practical question before the FISC in 2006 was not whether the collection should occur, but whether it should occur under judicial standards and supervision, or unilaterally under the authority of the Executive Branch.

[snip]

The briefings and other historical evidence raise the question whether Congress’s repeated reauthorization of the tangible things provision effectively incorporates the FISC’s interpretation of the law, at least as to the authorized scope of collection, such that even if it had been erroneous when first issued, it is now—by definition—correct. [my emphasis]

The Internet dragnet was illegal. At least 3 of the people who conveyed the importance of authorizing this program had said so — in very dramatic fashion — less than four months before she would do so.

And yet she wrote a memo saying it was legal.

Update, 8/12/14: This application confirms that George Tenet was the redacted declaration submitter.

The Phone Dragnet Did Not (and May Still Not) Meet the PATRIOT Act’s Minimization Requirements

While a number of the changes to Section 215 passed just before the government started relying on it to create a database of all phone-based relationships in the United States watered down the law, one provision made the law stricter.

The 2006 Reauthorization required the Attorney General to establish minimization procedures for the data collected under the program.

(g) Minimization Procedures and Use of Information- Section 501 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1861) is further amended by adding at the end the following new subsections:

(g) Minimization Procedures-

(1) IN GENERAL- Not later than 180 days after the date of the enactment of the USA PATRIOT Improvement and Reauthorization Act of 2005, the Attorney General shall adopt specific minimization procedures governing the retention and dissemination by the Federal Bureau of Investigation of any tangible things, or information therein, received by the Federal Bureau of Investigation in response to an order under this title.

(2) DEFINED- In this section, the term `minimization procedures’ means–

(A) specific procedures that are reasonably designed in light of the purpose and technique of an order for the production of tangible things, to minimize the retention, and prohibit the dissemination, of nonpublicly available information concerning unconsenting United States persons consistent with the need of the United States to obtain, produce, and disseminate foreign intelligence information;

(B) procedures that require that nonpublicly available information, which is not foreign intelligence information, as defined in section 101(e)(1), shall not be disseminated in a manner that identifies any United States person, without such person’s consent, unless such person’s identity is necessary to understand foreign intelligence information or assess its importance; and

(C) notwithstanding subparagraphs (A) and (B), procedures that allow for the retention and dissemination of information that is evidence of a crime which has been, is being, or is about to be committed and that is to be retained or disseminated for law enforcement purposes.

(h) Use of Information- Information acquired from tangible things received by the Federal Bureau of Investigation in response to an order under this title concerning any United States person may be used and disclosed by Federal officers and employees without the consent of the United States person only in accordance with the minimization procedures adopted pursuant to subsection (g). No otherwise privileged information acquired from tangible things received by the Federal Bureau of Investigation in accordance with the provisions of this title shall lose its privileged character. No information acquired from tangible things received by the Federal Bureau of Investigation in response to an order under this title may be used or disclosed by Federal officers or employees except for lawful purposes.’.

But from the very start, the FISA Court and the Administration set out to ignore this requirement. After all, well before anyone did any analysis about the foreign intelligence value of the phone dragnet data, the FBI disseminated all of it, by having the telecoms hand it over directly to the NSA. And phone numbers are US person identifiers (best demonstrated by NSA’s use of phone numbers as identifiers to conduct searches in other contexts).

Thus, before any Agency even touched the data, the phone dragnet scheme violated this provision by disseminating non-publicly available information about US person identifiers on every single American without their consent.

According to FISC’s original Section 215 phone dragnet order, the NSA only had to abide by the existing SID-18 minimization procedures.

[D]issemination of U.S. person information shall follow the standard NSA minimization procedures found in the Attorney General-approved guidelines (U.S. Signals Intelligence Directive 18). [link added]

And the FBI only applied the minimization procedures it used to fulfill the statute after the NSA had already run queries on it.

With respect to any information the FBI receives as a result of this Order (information that is passed or “tipped” to it by NSA), the FBI shall follow as minimization procedures the procedures set forth in The Attorney General’s Guidelines for FBI National Security Investigations and Foreign Intelligence Collection (October 31, 2003). [link added]

Even after this initial order, the Attorney General did not comply with the mandate to come up with minimization procedures specific to Section 215. Instead, then Attorney General Alberto Gonzales just adopted four sections of the National Security Investigations Guidelines.

In analysis included in a 2008 review of the FBI’s use of Section 215, DOJ Inspector General Glenn Fine deemed this measure to fall short of the statute’s requirements.

These interim minimization procedures use general hortatory language stating that all activities conducted in relation to national security investigations must be “carried out in conformity with the Constitution.” However, we believe this broad standard does not provide the specific guidance for minimization procedures that the Reauthorization Act appears to contemplate.

[snip]

[T]he Reauthorization Act required the Department to adopt “specific procedures” reasonably designed to “minimize the retention, and prohibit the dissemination, of nonpublicly available information concerning unconsenting United States persons consistent with the need of the United States to obtain, produce, and disseminate foreign intelligence information.” We believe that the interim procedures do not adequately address this requirement, and we recommend that the Department continue its efforts to construct specific minimization procedures relating to Section 215 orders, rather than rely on general language in the Attorney General’s NSI Guidelines.

As I’ll show in a follow-up post, presumably in response to Fine’s report, Attorney General Michael Mukasey adopted new, arguably even more general guidelines to fulfill this requirement, the AG Guidelines for Domestic FBI Operations. (I strongly suspect the August 20, 2008 FISC opinion the government won’t release authorizes the language that would appear in those Guidelines).

But the implications of this have more immediate significance.

After all, the only known American who got busted based on a Section 215 tip, Basaaly Moalin, argues for a new trial tomorrow. And he was tipped based on dissemination that took place in 2007 — that is, before DOJ even tried to address these problematic minimization procedures. He was tipped based on dissemination that — under the letter of the PATRIOT Act — should never have happened.

Update: With regards to Moalin’s case, this seems pertinent.

As of early December 2007, the [Director of National Intelligence] working group [trying to harmonize defintions] had not defined “U.S. person identifying information.

This means that, at the time he was identified in the dragnet, the entire intelligence community was still fighting over whether phone numbers constituted US person identifying information entitled to additional protection.

Update: In an address to the EU Parliament, Jim Sensenbrenner accuses NSA of ignoring civil liberty protections in the PATRIOT Act.

“I firmly believe the Patriot Act saved lives by strengthening the ability of intelligence agencies to track and stop potential terrorists, but in the past few years, the National Security Agency has weakened, misconstrued and ignored the civil liberty protections we drafted into the law,” he said, adding that the NSA “ignored restrictions painstakingly crafted by lawmakers and assumed a plenary authority we never imagined.”

Three Theories Why the Section 215 Phone Dragnet May Have Been “Erroneous” from the Start

Update, 1/6/14: I just reviewed this post and realize it’s based on the misunderstanding that the February 24 OLC opinion is from last year, not 2006. That said, the analysis of the underlying tensions that probably led to the use of Section 215 for the phone dragnet are, I think, still valid. 

According to ACLU lawyer Alex Abdo, the government may provide more documents in response to their FOIA asking for documents relating to Section 215 on November 18. Among those documents is a February 24, 2006 FISA Court opinion, which the government says it is processing for release.

That release — assuming the government releases the opinion in any legible form — should solve a riddle that has been puzzling me for several weeks: whether the FISA Court wrote any opinion authorizing the phone dragnet collection before its May 24, 2006 order at all.

The release may also provide some insight on why former Assistant Attorney General David Kris concedes the initial authorization for the program may have been “erroneous.”

More broadly, it is important to consider the context in which the FISA Court initially approved the bulk collection. Unverified media reports (discussed above) state that bulk telephony metadata collection was occurring before May 2006; even if that is not the case, perhaps such collection could have occurred at that time based on voluntary cooperation from the telecommunications providers. If so, the practical question before the FISC in 2006 was not whether the collection should occur, but whether it should occur under judicial standards and supervision, or unilaterally under the authority of the Executive Branch.

[snip]

The briefings and other historical evidence raise the question whether Congress’s repeated reauthorization of the tangible things provision effectively incorporates the FISC’s interpretation of the law, at least as to the authorized scope of collection, such that even if it had been erroneous when first issued, it is now—by definition—correct. [my emphasis]

That “erroneous” language comes not from me, but from David Kris, one of the best lawyers on these issues in the entire country.

And the date of the opinion — February 24, 2006, 6 days before the Senate would vote to reauthorize the PATRIOT Act having received no apparent notice the Administration planned to use it to authorize a dragnet of every American’s phone records — suggests several possible reasons why the original approval is erroneous.

Possibility one: There is no opinion

The first possibility, of course, is that my earlier guess was correct: that the FISC court never considered the new application of bulk collection, and simply authorized the new collection based on the 2004 Colleen Kollar-Kotelly opinion authorizing the Internet dragnet. In this possible scenario, that February 2006 opinion deals with some other use of Section 215 (though I doubt it, because in that case DOJ would withhold it, as they are doing with two other Section 215 opinions dated August 20, 2008 and November 23, 2010).

So one possibility is the FISA Court simply never considered whether the phone dragnet really fit the definition of relevant, and just took the application for the first May 24, 2006 opinion with no questions. This, it seems to me, would be erroneous on the part of FISC.

Possibility two: FISC approved the dragnet based on old PATRIOT knowing new “relevant to” PATRIOT was coming

Another possibility is that the FISA Court rushed through approval of the phone dragnet knowing that the reauthorization that would be imminently approved would slightly different language on the “relevance” standard (though that new language was in most ways more permissive). Thus, the government would already have an approval for the dragnet in hand at the time when they applied to use it in May, and would just address the “relevance” language in their application, which we know they did.

In this case, the opinion would seem to be erroneous because of the way it deliberately sidestepped known and very active actions of Congress pertaining to the law in question.

Possibility three: FISC approved the dragnet based on new PATRIOT language even before it passed

Another possibility is that FISC approved the phone dragnet before the new PATRIOT language became law. That seems nonsensical, but we do know that DOJ’s Office of Intelligence Policy Review briefed FISC on something pertaining to Section 215 in February 2006.

After passage of the Reauthorization Act on March 9, 2006, combination orders became unnecessary for subscriber information and [one line redacted]. Section 128 of the Reauthorization Act amended the FISA statute to authorize subscriber information to be provided in response to a pen register/trap and trace order. Therefore, combination orders for subscriber information were no longer necessary. In addition, OIPR determined that substantive amendments to the statute undermined the legal basis for which OIPR had received authorization [half line redacted] from the FISA Court. Therefore, OIPR decided not to request [several words redacted] pursuant to Section 215 until it re-briefed the issue for the FISA Court. 24

24 OIPR first briefed the issue to the FISA Court in February 2006, prior to the Reauthorization Act. [two lines redacted] [my emphasis]

Still, this passage seems to reflect an understanding, at the time DOJ briefed FISC and at the time that the FISC opinion was written that the law was changing in significant ways (some of which made it easier for the government to get IDs along with the Internet metadata it was collecting using a Pen Register).

This would seem to be erroneous for timing reasons, in that the judge issued an opinion based on a law that had not yet been signed into law, effectively anticipating Congress.

The looming threat of Hepting v. AT&T and Mark Klein’s testimony

Which brings me to why. The 2009 Draft NSA IG Report describes some of what went on in this period.

After the New York Times article was published in December 2005, Mr. Potenza stated that one of the PSP providers expressed concern about providing telephone metadata to NSA under Presidential Authority without being compelled. Although OLC’s May 2004 opinion states that NSA collection of telephony metadata as business records under the Authorization was legally supportable, the provider preferred to be compelled to do so by a court order.

As with the PR/TT Order, DOJ and NSA collaboratively designed the application, prepared declarations, and responded to questions from court advisors. Their previous experience in drafting the PRTT Order made this process more efficient.

The FISC signed the first Business Records Order on 24 May 2006. The order essentially gave NSA the same authority to collect bulk telephony metadata from business records that it had under the PSP. And, unlike the PRTT, there was no break in collection at transition.

But the IG Report doesn’t explain why the telecom(s) started getting squeamish after the NYT scoop.

It doesn’t mention, for example, that on January 17, 2006, the ACLU sued the NSA in Detroit. A week after that suit was filed, Attorney General Alberto Gonzales wrote the telecoms a letter giving them cover for their cooperation.

On 24 January 2006, the Attorney General sent letters to COMPANIES A, B, and C, certifying under 18 U.S.C. 2511 (2)( a)(ii)(B) that “no warrant or court order was or is required by law for the assistance, that all statutory requirements have been met, and that the assistance has been and is required.”

Note, this wiretap language pertains largely to the collection of content (that is, the telecoms had far more reason to worry about sharing content). Except that two issues made the collection of metadata particularly sensitive: the data mining of it, and the way it was used to decide who to wiretap.

More troubling still to the telecoms, probably, came when EFF filed a lawsuit, Hepting, on January 31 naming AT&T as defendant, largely based on an LAT story of AT&T giving access to the its stored call records.

But I’m far more interested in the threat that Mark Klein, the AT&T technician who would ultimately reveal the direct taps on AT&T switches at Folsom Street, posed. Continue reading

1 2 3 8
Emptywheel Twitterverse
bmaz When it comes to crim justice, procedural+civil rights concerns, Joe Biden is the same horrible man Roger Goodell is: http://t.co/MJpyiWIfHz
40sreplyretweetfavorite
bmaz @kdrum @unorigmoniker Now THAT might actually make America great again.
3mreplyretweetfavorite
emptywheel @astepanovich Dunno. We should get someone to apply to see what they want. ;p
11mreplyretweetfavorite
emptywheel "Act as a senior Agency rep to private sector, particularly for engagements w/cos in info tech business sector." https://t.co/GVLI73mKNL
12mreplyretweetfavorite
emptywheel And, as @riffraafx and @HeerJeet noted, this is more evidence GOP is going thru Kubler Ross process w/Trump. http://t.co/Cd8qH1JBjH
14mreplyretweetfavorite
emptywheel One thing I'd add to my 5 stages of Donald Trump grief http://t.co/J3HAiONyhr would be this meltdown at focus group. http://t.co/uw8J55DLRH
18mreplyretweetfavorite
emptywheel I beat Vox to a Kubler Ross 5 Stages of Donald Trump grief, but I could already update it w/further evidence. http://t.co/J3HAiONyhr
19mreplyretweetfavorite
emptywheel I love GOP primary season, I'm not going to lie. Since 2007 it has been the best -- and funniest -- reality show on TV.
25mreplyretweetfavorite
bmaz Oh, well then, I wonder what King Goodell is thinking about now?? Be prepared to find extreme BS from @NFL #CantWait https://t.co/fbofMuahOU
25mreplyretweetfavorite
bmaz Judge Berman orders NFL-NFLPA to not file documents under seal http://t.co/lPsVP8ErUD via @ProFootballTalk
27mreplyretweetfavorite
bmaz @benjaminwittes Naw, this one is stupid.
34mreplyretweetfavorite
August 2015
S M T W T F S
« Jul    
 1
2345678
9101112131415
16171819202122
23242526272829
3031