Imagine the Informants You Can Coerce When You Can Spy on Every Single American

Please consider supporting my fundraiser so I can continue to do this kind of work. 

Two years ago, I noted a chilling exchange from a 2002 FISA suit argued by Ted Olson. Laurence Silberman was trying to come up with a scenario in which some criminal information might not have any relevance to terrorism. When he suggested rape, Olson suggested we might use evidence of a rape to get someone to inform for us.

JUDGE SILBERMAN: Try rape. That’s unlikely to have a foreign intelligence component.

SOLICITOR GENERAL OLSON: It’s unlikely, but you could go to that individual and say we’ve got this information and we’re prosecuting and you might be able to help us.

It’s chilling not just because it suggests rapists have gone free in exchange for trumping up terrorist cases for the government, but because it makes clear the kinds of dirt the government sought using — in this case — traditional FISA wiretaps.

Now consider this passage from the government’s 2009 case that it should be able to sustain the Section 215 dragnet.

Specifically, using contact chaining [redacted] NSA may be able to discover previously unknown terrorist operatives, to identify hubs or common contacts between targets of interest who were previously thought to be unconnected, and potentially to discover individuals willing to become U.S. Government assets.

Remember, while the government downplayed this fact, until Barack Obama won the 2008 election, the government permitted analysts to contact chain off of 27,090 identifiers, going deeper than 3 hops in. That very easily encompasses every single American.

The ability to track the relationships of every single American, and they were using it to find informants.

In the 7 years since this program (now allegedly scaled back significantly, but still very very broad) has existed, the dragnet has only helped, however indirectly, to capture 12 terrorists in the US (and by terrorist, they also include people sending money to protect their country against US-backed invasion).

Which means the real utility of this program has been about something else.

The ability to track the relationships of every single American. And they were using it to find informants.

Even while the number of terrorists this program discovered has been minimal, the number of FBI informants has ballooned, to 15,000. And those informants are trumping up increasingly ridiculous plots in the name of fighting terrorism.

The ability to track the relationships of every single American (or now, a huge subset of Americans, focusing largely on Muslims and those with international ties). And they were (and presumably still are) using it to find informants.

Update: Note how in Keith Alexander’s description of the alert list, the standard to be on it is “the identifier is likely to produce information of foreign intelligence value” that are “associated with” one of the BR targets (Alexander 33). This is very similar to the language Olson used to justify getting data that didn’t directly relate to terrorism.

Also note this language (Alexander 34):

In particular, Section 1.7(c) of Executive Order 12333 specifically authorizes NSA to “Collect (including through clandestine means), process, analyze, produce, and disseminate signals intelligence information for foreign intelligence and counterintelligence purposes to support national and departmental missions.” However, when executing its SIGINT mission, NSA is only authorized to collect, retain or disseminate information concerning United States persons in accordance with procedures approved by the Attorney General.

Again, this emphasizes a foreign intelligence and CI purpose for collection that by law is limited to terrorism. Which could mean they think they can collect info to coerce people to turn informant.

The AG guidelines on informants are, not surprisingly, redacted.

NSA-Speak — Timely: (Adj.) 2-Month Delay

For some reason, this Ellen Nakashima story covering parts of what CNNWired, and I have already reported is generating a lot of attention today.

While I’m grateful that more people are catching on to what I’ve been harping on for months — that NSA justifies its entire Section 215 metadata dragnet with a case involving the transfer of less than $10,000 to al-Shabaab — there’s one point that further demonstrates the absurdity of the claim that Nakashima didn’t cover.

She quotes government officials repeatedly talking about the importance of the 215 dragnet because it provides timely identification of numbers.

U.S. officials emphasize that those logs do not contain the names of customers or content — just “metadata,” which includes phone numbers and the times and dates of calls. They note that they need a “reasonable, articulable suspicion” that a number they wish to check in the database is linked to a foreign terrorist group.

And they say that without having all the calls in one place and easily searchable with a keystroke, finding links to suspicious numbers would be tedious and time-consuming.


U.S. officials argue that Moalin’s number probably would not have surfaced — at least not in a timely fashion — had it not been for the database.


Had the intelligence community known where Mihdhar and a co-conspirator were and detained them, the “simple fact of their detention could have derailed the plan,” the 9/11 Commission said. To close that gap, the government created the phone call database. The goal, the reports say, is to “rapidly identify any terrorist threats emanating from within the United States.”

The NSA could put together a more limited dataset by going to every phone company and asking for all the numbers that have been in contact with a target number. But that takes time, and if analysts want to examine secondary contacts, they would have to go back to the phone company, officials said. [my emphasis]

And Nakashima quotes Ron Wyden challenging the timeliness of all this.

If time was of the essence, he said, a different court order or administrative subpoena would allow for an emergency request for the records. Wyden noted that both Moalin and the subway plot co-conspirator were arrested “months or years after they were first identified” by mining the phone logs.

But there’s a further reason, if Moalin is the exemplar of the practice, to challenge the NSA’s claims that the dragnet gives them timeliness they wouldn’t get otherwise.

Because at least according to the public record, there was a 2-month delay between the time they found the number used to query the 215 database and when they wiretapped Moalin. (Note, I do have significant suspicions that the court record does not accurately reflect what happened, but if it is inaccurate that’s the government’s own damn fault.)

In a hearing before the House Judiciary Committee last month, FBI’s National Security Division Executive Assistant Director Stephanie Douglas provided more details on how they found (or refound) Moalin.

I’d like to also represent one case to you, specific to the Business Record 215 authority. In 2003, the FBI initiated a case on an individual identified as Bisaaly Moalin. It was based on anonymous tips that he was somehow connected to terrorism.

In 2004 the case was closed without sufficient information to move forward on the investigation. However, three years later in October 2007, NSA provided a phone number to the FBI with an area code which came back to an area consistent with San Diego. NSA found this phone number was in contact with an al-Qaida East African affiliated person.

Once provided to the FBI, we initiated an investigation, submitted a national security letter for the subscriber of the phone number and determined that it was Mr. Moalin, the subject of the previously closed case. Subsequent investigation led to the identification of others, and to date Moalin and three others have been convicted of material support for terrorism. [my emphasis]

The FBI got this lead in October 2007.

But an affidavit for a search warrant at the time Moalin was arrested claims that the government first wiretapped Moalin in December 2007.

In December 2007, the FBI began intercepting MOALIN’s cell phone.

And a 2011 report summarizing a 2009 assessment (this is the source of Moalin’s Defense claims that the FBI had concluded he wasn’t trying to fund al-Shabaab per se) the Full Investigation into Moalin was initiated on December 18, 2007.

All that’s with hints from the government opposition to Moalin’s FISA challenge that at least some of this intelligence was collected under emergency authorization. (See, for example, the discussion on page 7, and footnote 22, which would probably be unnecessary unless the government did use emergency authorizations at some point in the process.)

In other words, even on the signature case using Section 215 — and with FBI’s use of a National Security Letter to pinpoint Moalin — it still took 2 months before they initiated the full investigation into him.

And yet they need to collect every Americans’ phone records so they can quickly get leads they take 2 months to open full investigations into.

The James Clapper Stall Declaration

On Thursday July 25, the ACLU met the government for a hearing in their suit to stop the Section 215 dragnet (which I’ll call ACLU Injunction for this post). While there, the government handed the judge a filing for ACLU’s Section 215 FOIA, asking for more time (until September 15, or maybe longer) before respond in that case; they sent ACLU a redacted copy by letter the next day.

The filing includes a James Clapper declaration written way back on July 7 meant to apply to four or five cases asking for a two month delay on FOIA or related litgation; as far as is publicly known, however, the declaration had not yet been submitted in any of those cases.

The filing (and its redactions) are interesting for several reasons:

It suggests one ongoing case pertains to Section 215 and/or Section 702 surveillance in a way that is not publicly known.

As I said, this declaration pertains to four or five cases. Three of those are named:

  • EFF v. DOJ (12-1441): EFF’s FOIA suit to get the FISA Court opinion deeming Section 702 to have violated the Fourth Amendment (EFF FISC Opinion FOIA)
  • EFF v. DOJ (4:11-5221): EFF’s FOIA suit to get a limited number of documents pertaining to Section 215 (EFF 215 FOIA)
  • ACLU v. FBI (11-7562): ACLU’s FOIA suit to get a broader range of documents pertaining to Section 215 (ACLU 215 FOIA)

But after referencing those suits, the Clapper declaration redacts over a line describing at least one other case.

Screen shot 2013-07-28 at 10.16.40 AM


The letter accompanying this declaration includes a footnote explaining,

Some redactions in the declaration include information that, in isolation, may be unclassified but, in the context of the discussion in the declaration, could tend to reveal information that is still classified in other settings.

Given the other redactions — which largely refer to still unacknowledged or undisclosed aspects of the Section 215 and Section 702 surveillance, along with one probable reference to CIA — the name of these case(s) are probably one of those redactions that would be unclassified in other circumstances.

That suggests that it may be the relevance to this issue — the role of Section 215 or Section 702 — that makes the reference to the case classified.

My first guess about what case(s) might be included in that redaction is EPIC’s FOIA suit for materials pertaining to the investigation of supporters of WikiLeaks. As I have described, the government not only withheld everything under an “ongoing investigation” exemption, it also invoked “protected by statute.” But it didn’t say what statute prohibited it from releasing the materials, an unheard of FOIA practice. That suit is awaiting the judges decision on motions to dismiss.

Read more

Working Post on Government Motion in Moalin Prosecution

As I described in this post, the government’s opposition motion to Basaaly Saeed Moalin’s challenge to the FISA intercepts used to convict him is a doozy. I showed there how complex the collections used to convict him were (and presumably still are).

This is going to be a working post cataloging all the other interesting aspects of the government’s motion.

The page numbers are to hard page numbers; PDF page numbers are one number higher.

P1: Note the first redacted footnote modifying FISA. The footnote may discuss the other things also including under FISA, including the Section 215 application.

P1: For a variety of reasons — not least that the government only noticed the physical surveillance application under FISA after Moalin challenged the FISA intercepts — I think the “physical” searches have some relation to the electronic surveillance as well. Note the footnoted sentence is followed by an entirely redacted passage (on P2) that itself is footnoted.

P3: The last sentence of the first paragraph reads, “After [Aden] Ayrow [the Somali warlord Moalin may have first been targeted off of] was killed, the defendants continued to collect funds and transmit them to Somalia to support violence against the TFG and its supporters.” Note, most of the money Moalin transfered did not go to al-Shabaab (and given footnote 5, I suspect the government knows of even more money that went to entirely acceptable charitable causes).

Read more

Did the Government Change When — and How — It Minimized US Person Collections Since 2008?

I’ve been digging through the weeds of the government’s response to Basaaly Saeed Moalin’s challenge of the FISA materials used in his trial. As a reminder, this is one of just two examples of a case where the government has admitted to using the Section 215 database to capture a terrorist (they now say they’ve used the database in 13 cases total, presumably since 2006).

In a section starting on page 50, the government argues the collection leading to Moalin’s indictment (and since then, his conviction) was “lawfully conducted.”

[T]he FISA-obtained or -derived information that wil be offered into evidence in this case was acquired, retained, and disseminated by the FBI in accordance with FISA’s minimization requirements, and the implementing standard minimization procedures (“SMPs”) promulgated by the Attorney General and approved by the FISC.

As this document mapping out the structure of the argument, the first and only section of their proof addresses minimization. That may seem kind of weird, but remember that the Intelligence Community sometimes calls this collection “collection carried out pursuant to the Section 702 minimization procedures.” (Though keep in mind that the collection in question took place under the Protect America Act starting in 2007.)

What I’m particularly interested in, however, is that following an initial redacted section and footnote addressing minimization, the government’s motion addresses two sets of standard minimization procedures (see the first sentence of document page 51). At first, I thought the invocation of “both” pertained to one procedure for electronic and another procedure for physical surveillance (the government used both in its case against Moalin). But the full reference refers to the “current”  and the “old” SMPs.

Under FISA and both sets of SMPs, minimization “may occur at any of several stages, including recording, logging, indexing, or dissemination.” lARA, 2009 WL 5169536, at *6 (citing Kevork, 634 F. Supp. at 1017); Senate Report at 40; current SMPs,, Section I.A., pp. 1-2. At the acquisition stage, FISA does not “prohibit the use of automatic tape recording equipment.” Rahman, 861 F. Supp. at 252; Kevork, 634 F. Supp. at 1017. Indeed, the FISC has noted that FISA surveillance devices are normally left on continuously and that consequently minimization occurs (under the old SMPs) during the logging and indexing of the pertinent communications.88 See In re Sealed Case, 310 F.3d at 740.

Remember, the wiretaps used in this case date to December 2007 to April 2008. The motion was written in February 2012. This seems to suggest the “old SMPs” were in place in 2007-08, but they have been replaced since then. And the distinction between the two — and an explanation for why they would both be relevant to the question of legality — must appear in a redacted section, perhaps the one that immediately precedes this passage.

Note, these appear to both be different from the minimization procedures leaked by Edward Snowden, which have a date stamp from July 29, 2009. Those address collections under Section 702 of FISA, whereas the reference to SMPs in In Re Sealed Case cited above describes “Standard Minimization Procedures for U.S. Person Agent of a Foreign Power,” as referred to in this passage of that ruling.

The most critical step in retention is the analysis in which an informed judgment is made as to whether or not the communications or other data seized is foreign intelligence information. To guide FBI personnel in this determination the Standard Minimization Procedures for U.S. Person Agent of a Foreign Power in Section 3(a)(4) Acquisition/Interception/Monitoring and Logging provide that “communications of or concerning United States persons that could not be foreign intelligence information or are not evidence of a crime . . . may not be logged or summarized.” (emphasis added). Minimization is required only if the information “could not be” foreign intelligence. Thus, it is obvious that the standard for retention of FISA-acquired information is weighted heavily in favor of the government.

This seems to suggest the minimization procedures from 2002 (the ones invoked in this ruling) remained roughly the same until the “old SMPs” referred to in this passage.

But it also appears the passage doesn’t treat the “current” SMPs as the Snowden version either. That’s because there is no section I.A. in those — and certainly not one discussing logging and indexing.

I raise all this because the new ones seem to allow minimization (or not) at two more different stages: at the collection phase (which, given the description of the kinds of collection they conduct, might be computerized) or at the dissemination stage. Given the language in the minimization procedures we’ve seen (and the discussion that follows this passage, which talks about the looser minimization in terrorism cases), that seems to allow decisions long after the initial “collection.” (Remember, in this case, the government decided in 2009 not to prosecute but then in 2011, following the prosecution of the hawala involved, did decide to do so.)

In the Section 702 context, there appears to be little logging and indexing (which is why the government can claim it can’t say how many Americans get sucked up as “incidental” collection). I wonder if part of this change reflects a de-emphasis of logging and indexing for specific warrants as well?

What Does the Government Consider “Protected” First Amendment Activities?

The other day, AP’s Matt Lee called out State Department spokesperson Jen Psaki’s suggestion that Edward Snowden is not entitled to free speech.

QUESTION: Okay. Then I just don’t understand. I think this is an incredibly slippery slope that you’re going down here, that the U.S. Government is going down here, if you are coming up and saying to us that you’re trying to prevent an American citizen – albeit one who has been accused of serious crimes – from exercising his right to free speech. You don’t agree with that?

MS. PSAKI: I believe that what I’ve conveyed most proactively here is our concern about those who helped facilitate this event —


MS. PSAKI: — and make it into a propaganda platform.

QUESTION: Right. And —

QUESTION: Or a public asylum —

QUESTION: — the propaganda platform aside, free speech covers propaganda. Last time I checked, it covers a lot of things. And I don’t see, unless he’s somehow violated U.S. law by speaking at this – at the Russian – the transit line at the Russian airport, I don’t see why you would be disappointed in the Russians for, one, facilitating it, but also, apparently from what it sounds like, tried to discourage them from – tried to discourage this – them from allowing this event to take place in the – to take place at all.

MS. PSAKI: Well, Matt, this isn’t happening, clearly, because we wouldn’t be talking about it, in a vacuum. And this is an individual, as we all know, who has been accused of felony crimes in the United States. We have expressed strongly our desire to have him returned —

QUESTION: I understand.

MS. PSAKI: — to face those charges. This is all applicable context to these circumstances.

QUESTION: But as you have also said, he is a U.S. citizen.

MS. PSAKI: He is, yes.

QUESTION: He remains a U.S. citizen, and he enjoys certain rights as a U.S. citizen. One of those rights, from your point of view, is that he has the right to come back and face trial for the crimes he’s committed. But the rights that you’re not talking about are his right to free speech, his right to talk with whoever he wants to, freedom to assemble. I don’t understand why those rights are – why you ignore those and simply say that he has – that he’s welcome to come back to the United States to exercise his right to be tried by a jury of his peers. Why is that the only right that he gets, according to this Administration? [my emphasis]

As it happens, I read it about the same time i read this passage, from the government’s opposition to Basaaly Saeed Moalin’s challenge to the FISA-derived evidence against him (see this post for more background).

Moalin claims he was fargeted for FISC-authorized surveillance in violation of FISA’s stipulation that no United States person may be considered a foreign power or an agent of a foreign power solely on the basis of activities protected by the First Amendment. Docket No 92 at 18-19 (citing 50 U.S.C. §§ 1805(a)(2)(A), 1824(a)(2)(A)). Although protected First Amendment activities canot form the sole basis for FISC-authorized electronic surveillance or physical search, not all speech-related activities fall within the protection of the First Amendment. See infra at 70.

That is, when faced with limitations on surveillance based on First Amendment activities, the government claimed that not all speech is protected.

(Note, I’m not certain because the page numbers listed in this unclassified motion are to the pagination of the classified motion, but I believe that reference to speech that is not protected is redacted.)

That’s important because of the narrative the government presented in this motion (which is different from what Sean Joyce presented to the House Intelligence Committee — I believe both narratives are in fact badly misleading).

In the materials presented in this case, the government suggests FISA-authorized surveillance on Moalin’s calls with al-Shabaab warlord Aden Ayrow started, out of the blue, in December 2007, several months before al-Shabaab was listed as a Foreign Terrorist Organization. I’m not aware of any evidence it presents that precedes these calls. Yet these early calls show no evidence of criminal behavior.

Thus, the evidence suggests that merely calling someone considered a terrorist but whose group was not yet officially designated as such by the government makes one an agent of a foreign power.

Read more

The 8-FISA Judge 11-Docket Spying Authorization to Identify Less than $10,000 to Al-Shabaab

In a hearing last month, FBI Deputy Director Sean Joyce described a case in which the phone metadata database helped catch terrorists. (after 1:07)

Lastly, the FBI had opened an investigation shortly after 9/11. We did not have enough information, nor did we find links to terrorism, so we shortly thereafter closed the investigation. However, the NSA, using the business record FISA, tipped us off that this individual had indirect contacts with a known terrorist overseas. We were able to reopen this investigation, identify additional individuals through legal process, and were able to disrupt this terrorist activity.

While he didn’t name it, subsequent discussions of the case made it clear he meant Basaaly Saeed Moalin, a Somali-American convicted with three others in February for sending less than $10,000 to al-Shabaab (altogether Moalin was charged with sending $17,000 to Somalia, the balance of it to non-Shabaab figures the government claims are also terrorists).

Moalin’s lawyer Joshua Dratel unsuccessfully challenged the government’s use of material derived from FISA (the judge’s opinion rejecting the challenge has never been released). Yet even with that challenge, Dratel was never informed of the use of Section 215 in the case.

All that said, the government’s opposition to his challenge is utterly fascinating, even with huge chunks redacted. I’m going to do a weedy post on it shortly. But for now, I want to point to three indicia that reveal how much more complex this surveillance was than Joyce described to the House Intelligence Committee.

First, as part of the introduction, the government provided an (entirely redacted) Overview of the FISA Collection at Issue. While we have no idea how long that passage is, the government needed 9 footnotes to explain the collection (they are also entirely redacted). Similarly, a section arguing “The FISA Applications Established Probable Cause” has the following structure and footnotes (the content is entirely redacted):

[footnote to general material]




a. [6 footnotes]


i. [2 footnotes]


iii. [1 footnote]

iv. [2 footnotes]

v. [3 footnotes]

Now it may be that section 1 here pertains to physical collection, and section 2 pertains to electronic collection (both were used, though I suspect the physical collection was metaphorical in some way). But even there, there seem to be at least 6 and possibly far more orders involved, with two types of collection — perhaps one pertaining to bulk 702-style collection (most of the intercepts happened under Protect America Act) and the other to the use of Section 215.

Then, as part of a discussion about the minimization requirements tied to the application(s) involved, the government revealed 8 different FISC judges signed off on orders pertaining to the collection.

In order to fulfill the statutory requirements discussed above, the Attorney General has adopted standard minimization procedures for FISC-authorized electronic surveilance and physical search that are on file with the FISC and that are incorporated by reference into every relevant FISA application that is submitted to the FISC. As a result, the eight FISC judges who issued the orders authorizing the FISA collections at issue in this case found that the applicable standard minimization procedures met FISA’s statutory requirements. The FISC orders in the dockets at issue directed the Governent to follow the approved minimization procedures in conducting the FISA collection. [my emphasis]

But it appears this surveillance involved even more than 8 orders. In a section claiming that this surveillance is not complex, the government cited 11 sealed exhibits that include the dockets at issue.

There is nothing extraordinary about this case that would prompt the Court to be the first to order the disclosure of highly sensitive and classified FISA materials. Disclosure is not necessar for the Court to determine the legality of the collection. Here, the FISA dockets – at Sealed Exhibits 16-26 – are well-organized and easily reviewable by the Court in camera and ex parte. The Index of Materials in the Government’s Sealed Exhibit and this memorandum serve as a road map through the issues presented for the Court’s in camera and ex parte determination. The FISA materials contain ample information from which the Court can make an accurate determination of the legality of the FISA collection; indeed, they are “relatively straightforward and not complex.” [my emphasis]

15 footnotes addressing probable cause approved by 8 judges over 11 different dockets.

This is not a simple check of the phone database. (I’ll explain what I think actually happened with the surveillance we know about in a future post.)

Now, some of this clearly invokes the iterative approval of programmatic orders as described by Eric Lichtblau and the WSJ. The May 2006 opinion authorizing the use of Section 215 to collect phone records for every American surely is one of the authorizations cited. That opinion may rely on the 2004 one that authorized the use of Pen Register/Trap and Trace to collect all the Internet metadata in the country. I suspect there may be several orders authorizing collection on al-Shabaab and/or Somalia generally — one that precedes Protect America Act, one that collects under PAA, and probably one that collects under FISA Amendments Act (the key conversations took place in late 2007 through much of 2008). I suspect, too, there’s an order governing collection of all signals off some switch. Then there may be traditional FISA warrants to collect on Moalin and his co-conspirator Mohamud Abdi Yusuf (the other co-conspirators appear not to have been targets of collection).

Still, that only gets you to 8 dockets, even assuming they used a new one for Somalia each time.

“Relatively straightforward … not complex,” the government said, in arguing the defendant shouldn’t get a look at this jerry-rigged system of surveillance. And we still can’t see the logic Judge Jeffrey Miller used to agree with them.