Posts

The Other Servers and Laptops FBI Never Investigated: VR Systems and North Carolina Polling Books

Ron Wyden had a lot to say in his minority views to the SSCI Report on election security released yesterday, mostly arguing that there need to be national standards and assistance and that no one can make any conclusions about the effects of Russia’s efforts in 2016 because no one collected the data to make such conclusions.

But there’s one line in his section raising questions about the 2016 conclusions I find particularly interesting, pertaining to VR Systems (which he doesn’t name).

Assessments about Russian attacks on the administration of elections are also complicated by newly public information about the infiltration of an election technology company.

Since the Mueller Report came out, Wyden has been trying to chase down this reference in the report to the VR Systems hack.

Unit 74455 also sent spear-phishing emails to public officials involved in election administration and personnel a~ involved in voting technology. In August 2016, GRU officers targeted employees of [redacted; VR Systems], a voting technology company that developed software used by numerous U.S. counties to manage voter rolls, and installed malware on the company network.

In May, he sent a letter to VR Systems President Mindy Perkins, asking how the company could claim, in March 2018, that it had not experienced a security breach when the report said it had been infected with malware in August 2016. In response, the company told Wyden (according to a letter he and Amy Klobuchar sent FBI Director Chris Wray) that they had alerted the FBI that they found suspicious IPs in their logs in real time, but that FBI had never explained the significance of that.

In a May 16, 2019, letter to Senator Wyden, VR Systems described how it participated in an August 2016 conference call with law enforcement. Participants in that call were apparently asked by the FBI to “be on the lookout for certain suspicious IP addresses.” According to VR Systems, the company examined its website logs, “found that several of the IP addresses had, in fact, visited our website” and as a result, the company “notified the FBI as we had been directed to do.” VR Systems indicates they did not know that these IP addresses were part of a larger pattern until 2017, which suggests the FBI may not have followed up with VR Systems in 2016 about the nature of the threat they faced.

The implication from Wyden’s letters is that VR Systems only hired FireEye to conduct an assessment of what happened after Reality Winner leaked an NSA document making it clear they had been targeted by GRU in 2017. [Update: Kim Zetter actually reported this here.]

In their June 12 letter, Wyden and Klobuchar asked Wray whether the FBI followed up on VR Systems’ report.

  1. What steps, if any, did the FBI take to examine VR Systems’ servers for evidence of a successful cyber breach after the company alerted the FBI, in August of 2016, to the presence of suspicious IP addresses in its website logs? If the FBI did not examine VR Systems’ servers or request access to those servers, please explain why.
  2. Several months after VR Systems first contacted the FBI, electronic pollbooks made by the company malfunctioned during the November 8 general election in Durham County, North Carolina. In the two and a half years since that incident in Durham County, has the FBI requested access to the pollbooks that malfunctioned, and the computers used to configure them, in order to examine them for evidence of hacking? If not, please explain why.
  3. VR Systems contracted FireEye to perform a forensic examination of its systems in the summer of 2017. Has the FBI reviewed FireEye’s conclusions? If so, what were its key findings?

It’s unclear how Wray answered (or didn’t). But just before Wyden sent this letter, the WaPo reported that no one had yet conducted a forensic examination of the laptops used in the VR Systems polling books in North Carolina. After Democrats took over control, they finally persisted in getting DHS to agree to check the laptops.

On Tuesday, the Department of Homeland Security told The Washington Post it will conduct a forensic analysis of the laptops used in Durham County elections in 2016. Lawson said North Carolina first asked the department to conduct such a review more than 18 months ago, though he added that DHS has generally been a “good partner” on election security.

“We appreciate the Department of Homeland Security’s willingness to make this a priority so the lingering questions from 2016 can be addressed in advance of 2020,” said Karen Brinson Bell, the newly appointed executive director of the State Board of Elections.

After the election, Durham County hired a firm called Protus3 to dig into what happened. The security consultant said it appeared the problems were caused by user error but ended its 12-page report with a list of recommendations that included examining computers in a lab setting and interviewing more election workers.

Durham County elections director Derek Bowens said he is comfortable with the report’s conclusions. Even so, in 2017, the county switched to electronic poll books created by the state. Bowens said in an interview that the state’s software would save money and is, in his view, better.

But for North Carolina officials, concerns resurfaced in June 2017 when the website Intercept posted a leaked National Security Agency report referencing “cyber espionage operations against a . . . U.S. company in August 2016.” The NSA report said that “it was likely that at least one account was compromised.”

VR Systems soon acknowledged that hackers had targeted the company but insisted that its network had not been breached.

North Carolina officials weren’t so sure.

“This was the first leak that indicated anything like a nation-state actor targeting a voting systems vendor,” Lawson said.

The state elections board soon launched its own investigation, seizing 40 laptops from Durham in July. And it suspended the certification that allowed more than 20 North Carolina counties to use VR Systems’ poll books during elections, an action that would later land in court. “Over the past few months there has been a considerable change in the election security landscape and the level of scrutiny we receive,” the board wrote in a letter explaining its decision to VR Systems.

No one working for the board had the technical expertise to do a forensic examination of the machines for signs of intrusion. Staffers asked DHS for technical help but did not get a substantive answer for a year and a half, Lawson said.

As noted, FireEye appears to have done an assessment at VR Systems itself in the wake of the Winner disclosure. The WaPo reports that FireEye declared VR Systems hadn’t been hacked, but wouldn’t share any information with Wyden or–apparently–DHS.

VR Systems said a cybersecurity firm it hired to review its computer network in 2017 found no evidence of a hack. A subsequent review by DHS also found no issues, the company said. VR Systems declined to give Wyden documentation of those reviews, citing the need to protect proprietary information.

Wyden in a statement to The Post accused VR Systems of “stonewalling congressional oversight.”

A senior U.S. official confirmed DHS’s review of VR Systems’s network to The Post and noted that by the time agency investigators arrived, a commercial vendor had already “swept” the networks. “I can’t tell you what happened before the commercial vendor came in there,” the official said, speaking on the condition of anonymity to discuss a sensitive matter.

The same day as the WaPo report, Kim Zetter reported that VR Systems used remote updates for their software, opening up a possible point of compromise for hackers.

For two years, GRU hack denialists have thought it was the most important thing that the DNC provided FBI Crowdstrike’s forensic images of the hacked laptops, rather than providing the servers themselves.

But that step has, apparently, not been done yet with VR Systems. And the laptops that failed on election day are only now being forensically examined.  Which is why, I presume, that Wyden believes it’s premature to claim no vote totals were affected on election day 2016.

Three Times William Barr Said Trading Pardons for False Testimony Was Obstruction of Justice

In the discussion of the Bill Barr memo in the last two days, the discussion of Barr’s claimed views on obstruction have mostly focused on the crazier parts of the memo that got him the job, and not even the passage at the bottom of the first page where he claimed to believe that if a President suborned perjury, it’d be a crime for him just as it would be for anyone else.

Obviously, the President and any other official can commit obstruction in this classic sense of sabotaging a proceeding’s truth-finding function. Thus, for example, if a President knowingly destroys or alters evidence, suborns perjury, or induces a witness to change testimony, or commits any act deliberately impairing the integrity or availability of evidence, then he, like anyone else, commits the crime of obstruction.

There has been far less attention to what he said in his confirmation hearing (where Lindsey Graham did not put him under oath). There were three substantive exchanges about what might constitute obstruction of justice for a President. And all of them get perilously close to behavior that Barr, now ensconced as Attorney General, claimed Sunday did not amount to obstruction of justice.

When Barr answered these questions, he appeared to have little awareness that Trump had floated pardons to — at least — Paul Manafort, Mike Flynn, and Michael Cohen. The first time he got asked about a pardon for false testimony, he stated clearly that would be a crime.

Patrick Leahy, specifically invoking Barr’s sanction of the Caspar Weinberger pardon that squelched the Iran-Contra investigation, asked Barr about pardons.

Leahy: Do you believe a president could lawfully issue a pardon in exchange for the recipient’s promise to not incriminate him?

Barr: No, that would be a crime.

Then, in this exchange from Amy Klobuchar, it appeared to take Barr several questions before he realized she knew more about the evidence than he did, and started couching his answers.

Klobuchar: You wrote on page one that a President persuading a person to commit perjury would be obstruction. Is that right?

Barr: [Pause] Yes. Any person who persuades another —

Klobuchar: Okay. You also said that a President or any person convincing a witness to change testimony would be obstruction. Is that right?

Barr: Yes.

Klobuchar: And on page two, you said that a President deliberately impairing the integrity or availability of evidence would be an obstruction. Is that correct?

Barr: Yes.

Klobuchar: OK. And so what if a President told a witness not to cooperate with an investigation or hinted at a pardon?

Barr: I’d have to now the specifics facts, I’d have to know the specific facts.

Klobuchar: OK. And you wrote on page one that if a President knowingly destroys or alters evidence, that would be obstruction?

Barr: Yes.

Klobuchar: OK. So what if a President drafted a misleading statement to conceal the purpose of a meeting. Would that be obstruction?

Barr: Again, I’d have to know the specifics.

Shortly after that exchange, Lindsey Graham tried to clarify the issue, asking the pardon question at a more basic level, coaching another not to testify, as Trump has done on Twitter repeatedly.

Lindsey: So if there was some reason to believe that the President tried to coach somebody not to testify or testify falsely, that could be obstruction of justice?

Barr: Yes, under that, under an obstruction statute, yes.

Lindsey: So if there’s some evidence that the President tried to conceal evidence? That would be obstruction of justice, potentially?

Barr: [nods]

Admittedly, by the third exchange, both Lindsey and Barr were hedging far more carefully about the set of facts.

But on three different occasions during his confirmation hearing, Barr made some kind of statement that said floating pardons for false testimony would be a crime.

And then, on Sunday, he said it wasn’t a crime.

As I disclosed last July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

Into Shutdown Day 28: Is the GOP Senate Obstructing Justice?

[NB: Always check the byline, folks. /~Rayne]

As we roll through the afternoon into the 28th day of the longest-ever government shutdown, let’s revisit Senator Amy Klobuchar’s questions to Attorney General nominee Bill Barr before the Senate Judiciary Committee this week.

She asked him about his opinion on obstruction of justice. Barr discussed in his June 2018 memo addressed to Deputy Attorney General Rod Rosenstein and Assistant Attorney General Steve Engel, focusing on Special Counsel Robert Mueller’s “‘Obstruction’ Theory.”

Four key points give pause:

  • Deliberately impaired integrity or availability of evidence;
  • Knowing destruction or alteration of evidence;
  • Ordering witness/es not to cooperate with investigation;
  • Misleading statements to conceal purposes.

Klobuchar asked Barr about each of these during the hearing:

(3:17) KLOBUCHAR: You wrote on page one that a president persuading a person to commit perjury would be obstruction. Is that right?

BARR: Yes.

KLOBUCHAR: Okay.

BARR: Or any, any, well, you know, or any person who persuades another, yeah.

(3:31) KLOBUCHAR: Okay. You also said that a president or any person convincing a witness to change testimony would be obstruction. Is that right?

BARR: Yes.

KLOBUCHAR: Okay.

(3:42) KLOBUCHAR: And on page 2 you said that a president deliberately impairing the integrity or availability of evidence would be an instruction*. Is that correct?

BARR: Yes.

KLOBUCHAR: Okay, and um, so what if the president told the witness not to cooperate with an investigation, or hinted at a pardon?

BARR: You know, I, I’d have to know the specific, I’d have to know the specific facts.

(4:03) KLOBUCHAR: And you wrote on page one that if a president knowingly destroys or alters evidence, that would be obstruction.

BARR: Yes.

(4:13) KLOBUCHAR: Okay. Um, so what if a president drafted a misleading statement to conceal the purpose of a meeting. Would that be obstruction?

BARR: Again, you know the, I’d have to know the, I’d have to know the specifics.

KLOBUCHAR: All right.

(* Not clear if she said “instruction” or “obstruction”; she was referring to the discussion obstruction in Barr’s memo.)

So what does this have to do with the shutdown? Regardless of the genesis and distribution of Barr’s memo or his opinion, these forms of obstruction are exactly what the government shutdown accomplishes.

Evidence to be gathered by and from some government resources may be limited by the furlough. IRS staff, for example, may have been called back to handle refunds but are there IRS staff on duty who may respond to subpoenas for tax returns? What of so-called “non-essential” personnel who might handle document requests in other departments? Have furloughed federal employees who are not yet called back indirectly ordered not to cooperate with investigations by virtue of their locked out status?

We already know that Trump avoided creating and processing records of his discussions with Putin, a likely violation of the Presidential Records Act. Has he further destroyed or altered evidence subject to the PRA but prevented staff responsible for handling and recovering destroyed/altered evidence from doing so with the shutdown? (Recall the archivist-records managers who had been taping together Trump’s documents but were fired by second quarter 2018.)

Has the demand for the wall itself, in any statements or writings demanding this wall, been an attempt to conceal the true intent of the shutdown as an act of obstruction? Recall how upset Trump was with Mick Mulvaney when Mulvaney tried to offer a number lower than Trump’s demanded $5.7B and higher than House Democrat’s offered $1.3B; Trump yelled at him in front of members of Congress and told him, “You just fucked it up!

Was it not the wall’s funding but obstruction by shutdown Mulvaney interfered with by trying to offer a means to reopen the government?

If there is any doubt at all about these points, Senate Majority Leader Mitch McConnell is obligated to permit bills through which would end the shutdown or at least extend temporary funding, so that obstruction by shutdown is at an end.

The GOP Senate caucus is likewise obligated to take measures to end the shutdown, including replacement of their Senate Majority Leader if he continues to obstruct government’s operation.

Neither McConnell nor the GOP Senate caucus appear to be acting in good faith about this shutdown. At least Mulvaney made a reasonable, good faith effort before being sworn at and shot down by Trump.

If we thought the GOP Senate was compromised before by Russian-furnished NRA money, they deepen their compromise by refusing to address the obstructive shutdown. Is their “lack of alarm” about the lengthening shutdown due not to their ideology but their resignation to this obstruction?

Why is Mitch McConnell still Senate Majority Leader at this point? Former Senate Majority Leader Trent Lott was asked to step down for supporting a noted racist, and McConnell know this because he was instrumental to Lott’s removal.

Why is the GOP Senate aiding and abetting this obstruction of justice at scale?

#WhyMitch

Congressional switchboard: (202) 224-3121

One Takeaway from the Five Takeaways from the Comey Hearing: Election 2016 Continues to Suffocate Oversight

The Senate Judiciary Committee had an oversight hearing with Jim Comey yesterday, which I live-tweeted in great depth. As you can imagine, most of the questions pertained either to Comey’s handing of the Hillary investigation and/or to the investigation into Russian interference in the election. So much so that The Hill, in its “Five Takeaways from Comey’s testimony,” described only things that had to do with the election:

  • Comey isn’t sorry (but he was “mildly nauseous” that his conduct may have affected the outcome)
  • Emotions over the election are still raw
  • Comey explains DOJ dynamic: “I hope someday you’ll understand”
  • The FBI may be investigating internal leaks
  • Trump, Clinton investigations are dominating FBI oversight

The Hill’s description of that third bullet doesn’t even include the “news” from Comey’s statement: that there is some still-classified detail, in addition to Loretta Lynch’s tarmac meeting with Bill Clinton and the intercepted Hillary aide email saying Lynch would make sure nothing happened with the investigation, that led Comey to believe he had to take the lead on the non-indictment in July.

I struggled as we got closer to the end of it with the — a number things had gone on, some of which I can’t talk about yet, that made me worry that the department leadership could not credibly complete the investigation and declined prosecution without grievous damage to the American people’s confidence in the — in the justice system.

As I said, it is true that most questions pertained to Hillary’s emails or Russia. Still, reports like this, read primarily by people on the Hill, has the effect of self-fulfilling prophecy by obscuring what little real oversight happened. So here’s my list of five pieces of actual oversight that happened.

Neither Grassley nor Feinstein understand how FISA back door searches work

While they primarily focused on the import of reauthorizing Section 702 (and pretended that there were no interim options between clean reauthorization and a lapse), SJC Chair Chuck Grassley and SJC Ranking Member Dianne Feinstein both said things that made it clear they didn’t understand how FISA back door searches work.

At one point, in a discussion of the leaks about Mike Flynn’s conversation with Sergey Kislyak, Grassley tried to suggest that only a few people at FBI would have access to the unmasked identity in those intercepts.

There are several senior FBI officials who would’ve had access to the classified information that was leaked, including yourself and the deputy director.

He appeared unaware that as soon as the FBI started focusing on either Kislyak or Flynn, a back door search on the FISA content would return those conversations in unmasked form, which would mean a significant number of FBI Agents (and anyone else on that task force) would have access to the information that was leaked.

Likewise, at one point Feinstein was leading Comey through a discussion of why they needed to have easy back door access to communication content collected without a warrant (so we don’t stovepipe anything, Comey said), she said, “so you are not unmasking the data,” as if data obtained through a back door search would be masked, which genuinely (and rightly) confused Comey.

FEINSTEIN: So you are not masking the data — unmasking the data?

COMEY: I’m not sure what that means in this context.

It’s raw data. It would not be masked. That Feinstein, who has been a chief overseer of this program for the entire time back door searches were permitted doesn’t know this, that she repeatedly led the effort to defeat efforts to close the back door loophole, and that she doesn’t know what it means that this is raw data is unbelievably damning.

Incidentally, as part of the exchange wit Feinstein, Comey said the FISA data sits in a cloud type environment.

Comey claims the government doesn’t need the foreign government certificate except to target spies

Several hours into the hearing, Mike Lee asked some questions about surveillance. In particular, he asked if the targeting certificates for 702 ever targeted someone abroad for purposes unrelated to national security. Comey seemingly listed off the certificates we do have — foreign government, counterterrorism, and counterproliferation, noting that cyber gets worked into other ones.

LEE: Yes. Let’s talk about Section 702, for a minute. Section 702 of the Foreign Intelligence Surveillance Amendments Act authorizes the surveillance, the use of U.S. signals surveillance equipment to obtain foreign intelligence information.

The definition includes information that is directly related to national security, but it also includes quote, “information that is relevant to the foreign affairs of the United States,” close quote, regardless of whether that foreign affairs related information is relevant to a national security threat. To your knowledge, has the attorney general or has the DNI ever used Section 702 to target individuals abroad in a situation unrelated to a national security threat?

COMEY: Not that I’m aware of. I think — I could be wrong, but I don’t think so, I think it’s confined to counterterrorism to espionage, to counter proliferation. And — those — those are the buckets. I was going to say cyber but cyber is fits within…

He said they don’t need any FG information except that which targets diplomats and spies.

LEE: Right. So if Section 702 were narrowed to exclude such information, to exclude information that is relevant to foreign affairs, but not relevant to a national security threat, would that mean that the government would be able to obtain the information it needs in order to protect national security?

COMEY: Would seem so logically. I mean to me, the value of 702 is — is exactly that, where the rubber hits the road in the national security context, especially counterterrorism, counter proliferation.

I assume that Comey said this because the FBI doesn’t get all the other FG-collected stuff in raw form and so isn’t as aware that it exists. I assume that CIA and NSA, which presumably use this raw data far more than FBI, will find a way to push back on this claim.

But for now, we have the FBI Director stating that we could limit 702 collection to national security functions, a limitation that was defeated in 2008.

Comey says FBI only needs top level URLs for ECTR searches

In another exchange, Lee asked Comey about the FBI’s continued push to be able to get Electronic Communication Transaction Records. Specifically, he noted that being able to get URLs means being able to find out what someone was reading.

In response, Comey said he thought they could only get the top-level URL.

After some confusion that revealed Comey’s lie about the exclusion of ECTRs from NSLs being just a typo, Comey said FBI did not need any more than the top domain, and Lee answered that the current bill would permit more than that.

LEE: Yes. Based on the legislation that I’ve reviewed, it’s not my recollection that that is the case. Now, what — what I’ve been told is that — it would not necessarily be the policy of the government to use it, to go to that level of granularity. But that the language itself would allow it, is that inconsistent with your understanding?

COMEY: It is and my understanding is we — we’re not looking for that authority.

LEE: You don’t want that authority…

(CROSSTALK)

COMEY: That’s my understanding. What — what we’d like is, the functional equivalent of the dialing information, where you — the address you e-mailed to or the — or the webpage you went to, not where you went within it.

This exchange should be useful for limiting any ECTR provision gets rushed through to what FBI claims it needs.

The publication of (US) intelligence information counts as intelligence porn and therefore not journalism

Ben Sasse asked Comey about the discussion of indicting Wikileaks. Comey’s first refusal to answer whether DOJ would indict Wikileaks led me to believe they already had.

I don’t want to confirm whether or not there are charges pending. He hasn’t been apprehended because he’s inside the Ecuadorian embassy in London.

But as part of that discussion, Comey explained that Wikileaks’ publication of loads of classified materials amounted to intelligence porn, which therefore (particularly since Wikileaks didn’t call the IC for comment first, even though they have in the past) meant they weren’t journalism.

COMEY: Yes and again, I want to be careful that I don’t prejudice any future proceeding. It’s an important question, because all of us care deeply about the First Amendment and the ability of a free press, to get information about our work and — and publish it.

To my mind, it crosses a line when it moves from being about trying to educate a public and instead just becomes about intelligence porn, frankly. Just pushing out information about sources and methods without regard to interest, without regard to the First Amendment values that normally underlie press reporting.

[snip]

[I]n my view, a huge portion of WikiLeaks’s activities has nothing to do with legitimate newsgathering, informing the public, commenting on important public controversies, but is simply about releasing classified information to damage the United States of America. And — and — and people sometimes get cynical about journalists.

American journalists do not do that. They will almost always call us before they publish classified information and say, is there anything about this that’s going to put lives in danger, that’s going to jeopardize government people, military people or — or innocent civilians anywhere in the world.

I’ll write about this more at length.

Relatedly (though technically a Russian investigation detail), Comey revealed that the investigation into Trump ties to Russia is being done at Main Justice and EDVA.

COMEY: Yes, well — two sets of prosecutors, the Main Justice the National Security Division and the Eastern District of Virginia U.S. Attorney’s Office.

That makes Dana Boente’s role, first as Acting Attorney General for the Russian investigation and now the Acting Assistant Attorney General for National Security, all the more interesting, as it means he is the person who can make key approvals related to the investigation.

I don’t have any problem with him being chosen for these acting roles. But I think it supremely unwise to effectively eliminate levels of oversight on these sensitive cases (Russia and Wikileaks) by making the US Attorney already overseeing them also the guys who oversees his own oversight of them.

The US is on its way to becoming the last haven of shell corporations

Okay, technically these were Sheldon Whitehouse and Amy Klobuchar comments about Russia. But as part of a (typically prosecutorial) line of questioning about things related to the Russian investigation, Whitehouse got Comey to acknowledge that as the EU tries to crack down on shell companies, that increasingly leaves the US as the remaining haven for shell companies that can hide who is paying for things like election hacks.

WHITEHOUSE: And lastly, the European Union is moving towards requiring transparency of incorporations so that shell corporations are harder to create. That risks leaving the United States as the last big haven for shell corporations. Is it true that shell corporations are often used as a device for criminal money laundering?

COMEY: Yes.

[snip]

WHITEHOUSE: What do you think the hazards are for the United States with respect to election interference of continuing to maintain a system in which shell corporations — that you never know who’s really behind them are common place?

COMEY: I suppose one risk is it makes it easier for illicit money to make its way into a political environment.

WHITEHOUSE: And that’s not a good thing.

COMEY: I don’t think it is.

And Klobuchar addressed the point specifically as it relates to high end real estate (not mentioning that both Trump and Paul Manafort have been alleged to be involved in such transactions).

There have been recent concerns that organized criminals, including Russians, are using the luxury real estate market to launder money. The Treasury Department has noted a significant rise in the use of shell companies in real estate transactions, because foreign buyers use them as a way to hide their identity and find a safe haven for their money in the U.S. In fact, nearly half of all homes in the U.S. worth at least $5 million are purchased using shell companies.

Does the anonymity associated with the use of shell companies to buy real estate hurt the FBI’s ability to trace the flow of illicit money and fight organized crime? And do you support efforts by the Treasury Department to use its existing authority to require more transparency in these transactions?

COMEY: Yes and yes.

It’s a real problem, and not just because of the way it facilitates election hacks, and it’d be nice if Congress would fix it.

Every Senator Who Supports USA Freedom May Be Affirmatively Ratifying a Financial Dragnet

Now that I’ve finally got around to reading the so-called transparency provisions in Patrick Leahy’s USA Freedom Act, I understand that one purpose of the bill, from James Clapper’s perspective, is to get Congress to ratify some kind of financial dragnet conducted under Section 215.

As I’ve laid out in detail before, there’s absolutely no reason to believe USA Freedom Act does anything to affect non-communications collection programs.

That’s because the definition of “specific selection term” permits (corporate) persons to be used as a selector, so long as they aren’t communications companies. So Visa, Western Union, and Bank of America could all be used as the selector; Amazon could be for anything not cloud or communications-related. Even if the government obtained all the records from these companies — as reports say it does with Western Union, at least — that would not be considered “bulk” because the government defines “bulk” as collection without a selector. Here, the selector would be the company.

And as I just figured out yesterday, the bill requires absolutely no individualized reporting on traditional Section 215 orders that don’t obtain communications. Here’s what the bill requires DNI to report on traditional 215 collection.

(D) the total number of orders issued pursuant to applications made under section 501(b)(2)(B) and a good faith estimate of—
(i) the number of targets of such orders;
(ii) the number of individuals whose communications were collected pursuant to such orders; and
(iii) the number of individuals whose communications were collected pursuant to such orders who are reasonably believed to have been located in the United States at the time of collection;

The bill defines “individuals whose communications were collected” this way:

(3) INDIVIDUAL WHOSE COMMUNICATIONS WERE COLLECTED.—The term ‘individual whose communications were collected’ means any individual—
(A) who was a party to an electronic communication or a wire communication the contents or noncontents of which was collected; or
(B)(i) who was a subscriber or customer of an electronic communication service or remote computing service; and
(ii) whose records, as described in subparagraph (A), (B), (D), (E), or (F) of section 2703(c)(2) of title 18, United States Code, were collected.

Thus, the 215 reporting only requires the DNI to provide individualized reporting on communications related orders. It requires no individualized reporting at all on actual tangible things (in the tangible things provision!). A dragnet order collecting every American’s Visa bill would be reported as 1 order targeting the 4 or so terrorist groups specifically named in the primary order. It would not show that the order produced the records of 310 million Americans.

I’m guessing this is not a mistake, which is why I’m so certain there’s a financial dragnet the government is trying to hide.

Under the bill, of course, Visa and Western Union could decide they wanted to issue a privacy report. But I’m guessing if it would show 310 million to 310,000,500 of its customers’ privacy was being compromised, they would be unlikely to do that.

So the bill would permit the collection of all of Visa’s records (assuming the government could or has convinced the FISC to rubber stamp that, of course), and it would hide the extent of that collection because DNI is not required to report individualized collection numbers.

But it’s not just the language in the bill that amounts to ratification of such a dragnet.

As the government has argued over and over and over, every time Congress passes Section 215’s “relevant to” language unchanged, it serves as a ratification of the FISA Court’s crazy interpretation of it to mean “all.” That argument was pretty dodgy for reauthorizations that happened before Edward Snowden came along (though its dodginess did not prevent Clare Eagan, Mary McLaughlin, and William Pauley from buying it). But it is not dodgy now: Senators need to know that after they pass this bill, the government will argue to courts that it ratifies the legal interpretations publicly known about the program.

While the bill changes a great deal of language in Section 215, it still includes the “relevant to” language that now means “all.” So every Senator who votes for USAF will make it clear to judges that it is the intent of Congress for “relevant to” to mean “all.”

And it’s not just that! In voting for USAF, Senators would be ratifying all the other legal interpretations about dragnets that have been publicly released since Snowden’s leaks started.

That includes the horrible John Bates opinion from February 19, 2013 that authorized the government to use Section 215 to investigate Americans for their First Amendment protected activities so long as the larger investigation is targeted at people whose activities aren’t protected under the First Amendment. So Senators would be making it clear to judges their intent is to allow the government to conduct investigations into Americans for their speech or politics or religion in some cases (which cases those are is not entirely clear).

That also includes the John Bates opinion from November 23, 2010 that concluded that, “the Right to Financial Privacy Act, … does not preclude the issuance of an order requiring the production of financial records to the Federal Bureau of Investigation (FBI) pursuant to the FISA business records provision.” Given that Senators know (or should — and certainly have the ability to — know) about this before they support USAF, judges would be correct in concluding that it was the intent of Congress to permit the government to collect financial records under Section 215.

So Senators supporting this bill must realize that supporting the bill means they are supporting the following:

  • The interpretation of “relevant to” to permit the government to collect all of a given kind of record in the name of a standing FBI terrorism investigation.
  • The use of non-communication company corporate person names, like Visa or Western Union, as the selector “limiting” collection.
  • The use of Section 215 to collect financial records.
  • Not requiring the government to report how many Americans get sucked up in any financial (or any non-communications) dragnet.

That is, Senators supporting this bill are not only supporting a possible financial dragnet, but they are helping the government hide the existence of it.

I can’t tell you what the dragnet entails. Perhaps it’s “only” the Western Union tracking reported by both the NYT and WSJ. Perhaps James Cole’s two discussions of being able to collect credit card records under this provision means they are. Though when Leahy asked him if they could collect credit card records to track fertilizer purchases, Cole suggested they might not need everyone’s credit cards to do that.

Leahy: But if our phone records are relevant, why wouldn’t our credit card records? Wouldn’t you like to know if somebody’s buying, um, what is the fertilizer used in bombs?

Cole: I may not need to collect everybody’s credit card records in order to do that.

[snip]

If somebody’s buying things that could be used to make bombs of course we would like to know that but we may not need to do it in this fashion.

We don’t know what the financial dragnet is. But we know that it is permitted — and deliberately hidden — under this bill.

Below the rule I’ve put the names of the 18 Senators who have thus far co-sponsored this bill. If one happens to be your Senator, it might be a good time to urge them to reconsider that support.


Patrick Leahy (202) 224-4242

Mike Lee (202) 224-5444

Dick Durbin (202) 224-2152

Dean Heller (202) 224-6244

Al Franken (202) 224-5641

Ted Cruz (202) 224-5922

Richard Blumenthal (202) 224-2823

Tom Udall (202) 224-6621

Chris Coons (202) 224-5042

Martin Heinrich (202) 224-5521

Ed Markey (202) 224-2742

Mazie Hirono (202) 224-6361

Amy Klobuchar (202) 224-3244

Sheldon Whitehouse (202) 224-2921

Chuck Schumer (202) 224-6542

Bernie Sanders (202) 224-5141

Cory Booker (202) 224-3224

Bob Menendez (202) 224-4744

Sherrod Brown (202) 224-2315

 

 

James “Too Cute By Half” Clapper’s Denial

James Clapper made a somewhat unprecedented denial of Le Monde’s report (French, English) about the NSA’s dragnet, denying the eye-popping numbers on the volume of French spying (70.3 million in a month) we do.

October 22, 2013

Recent articles published in the French newspaper Le Monde contain inaccurate and misleading information regarding U.S. foreign intelligence activities.  The allegation that the National Security Agency collected more than 70 million “recordings of French citizens’ telephone data” is false.

While we are not going to discuss the details of our activities, we have repeatedly made it clear that the United States gathers intelligence of the type gathered by all nations.  The U.S. collects intelligence to protect the nation, its interests, and its allies from, among other things, threats such as terrorism and the proliferation of weapons of mass destruction.

The United States values our longstanding friendship and alliance with France and we will continue to cooperate on security and intelligence matters going forward.

Now, for what it’s worth, this seems the product of somewhat bad translation of the English for the Le Monde article, which started as this,

Parmi les milliers de documents soustraits à la NSA par son ex-employé figure un graphique qui décrit l’ampleur des surveillances téléphoniques réalisées en France. On constate que sur une période de trente jours, du 10 décembre 2012 au 8 janvier 2013, 70,3 millions d’enregistrements de données téléphoniques des Français ont été effectués par la NSA.

And then a worse translation back into English, which produced this,

Amongst the thousands of documents extracted from the NSA by its ex-employee there is a graph which describes the extent of telephone monitoring and tapping (DNR – Dial Number Recognition) carried out in France. It can be seen that over a period of thirty days – from 10 December 2012 to 8 January 2013, 70,3 million recordings of French citizens’ telephone data were made by the NSA.

I’m not going to explain this perfectly, but effectively it took a verbal that could mean the tape recording or the data notation of calls and turned it into a gerund that has the connotation in English of a discrete tape recording (note also the really cloddish use of the passive in a situation where you wouldn’t use it in English).

And from that, Clapper pounced on the “recordings” and presented them — in a quotation taken out of context — as discrete phone calls recorded individually. NSA’s not doing that, he says.

But we knew that. What they’re doing is intercepting call data in bulk and then sorting through what they want to keep.

It’s worth noting that the comment on the Boundless Informant screen Le Monde gets this from, however, refers to a more accurate calls “interceptées.” None of that excuses Le Monde’s presentation of it as such, particularly not its weak English translation which Clapper exploited (which isn’t, however, the actual language that has given François Hollande an opportunity to pretend to be shocked, and his English-only gotcha would be useful in refuting this for actual French readers). But that’s one source of the gotcha.

Now, as I said, this is relatively unprecedented. In the recent “interview” with Keith Alexander, NSA issued non-denial denials about info sharing with Israel. But there have been few very specific denials like this one.

And why would there be? Should we now assume all the other facts that have come out, anywhere in the world, are true? That Clapper has gone out of his way to do so, it seems, suggests the IC doesn’t dispute any other facts, which is almost certainly not the case, but nevertheless a fair assumption given their attention to this discrete point.

The one exception to this general rule, though, suggests why Clapper may have used this bad translation to claim gotcha! It just so happens to pertain to the WSJ story on upstream Internet collection, Read more

James Clapper Proves Inadequate Oversight by Refusing to Answer EO 12333 Questions

The headlines from today’s Senate Judiciary Committee hearing on NSA will no doubt be that Pat Leahy forced Keith Alexander to admit they’ve been lying about whether the 54 “plots” they “thwarted” were really “plots” or “thwarted” in the first place. Perhaps just two were.

More astute reporters might note that, in response to questions about the NYT’s report on the dossiers created in the course of foreign intelligence collection analysis, Keith Alexander offered several equivocations first claiming NYT got things wrong, then realizing that was a too broad claim. More interesting, he ultimately admitted that the NSA conducts some of this under Executive Order 12333 — the collection David Kris outlined in his paper.

There was even some follow-up on the NSA’s use of EO 12333, with James Clapper and Alexander claiming Congress had some oversight of that collection (in spite of Dianne Feinstein’s admission that they don’t get news of EO 12333 violations even when they involve Americans).

But the most telling exchange occurred between Amy Klobuchar, Keith Alexander, and James Clapper. (after 1:25) Klobuchar asked why they hadn’t told the Committee of the violations reported in an internal NSA review when they last appeared before the committee. After Alexander tried to filibuster (actually addressing the report in question and noting only ODNI and DOJ get those numbers, not FISC or Congress), Clapper interrupted and pretended she had asked about the LOVEINT incidents just reported to Charles Grassley. Clapper claimed those hadn’t been reported because they were 12333 violations.

Clapper: I think the answer to the question, Senator, was that the subject of the hearing was 215 and 702, and these 12 violations over 10 occurred under the foreign collection under the auspices of Executive Order 12333. [Sits back]

Klobuchar: I thought we were broadly asking questions and it would have been nice to have heard about it there but it’s behind us now.

But Clapper is absolutely incorrect. The review Klobuchar asked about reported 195 FISA violations. Of those, 20% were due diligence violations — of an analyst not following Standard Operating Procedures she has been trained on. 31% are what amount to insufficient intelligence (these are called “resource violations”), resulting in searches on targets who shouldn’t be targeted. A number of the incidents included not detasking someone quickly enough.

In other words, while this may (or may not) be minor, they are real violations of FISA authorities, the stuff that Congress and the Courts are supposed to oversee. And Clapper just blew off the question by saying they don’t have to disclose any violations pertaining to EO 12333 (even though a chunk of these violations weren’t EO 12333 violations).

Which of course demonstrates a further point. The Intelligence Community is basically refusing to discuss any EO 12333 violations and/or programs, even while it also picks up US person information at least incidentally.

And yet they claimed there was adequate oversight over those programs.

Amy Klobuchar Shreds Coburn’s “Concept of Freedom”

Senator Coburn spent about 20 straight minutes today whining to Elena Kagan about how much less freedom we have today than we did 30 years ago.

Which Amy Klobuchar promptly shredded–by far the highlight of today’s hearing. As she points out, back in Coburn’s idyllic free time, women were not represented on the Supreme Court–and barely were in Congress. (Though, note, she corrected herself later–Senator Kassebaum was serving in the Senate already by 1980.)

But then what would you expect from one of the C Street boys, huh?