Chuck Grassley

1 2 3 5

What Is the Point of the SEC ECPA-Reform Power Grab?

Last week, the Senate Judiciary Committee had a hearing on Electronic Communication Privacy Act reform, the main goal of which is to provide protection for content served on a third party’s server. Because reform is looking more inevitable in Congress (the House version of the bill has more sponsors than any other), government agencies used the hearing as an opportunity to present their wish list for the bill. That includes asking for an expansion of the status quo for civil agencies, with witnesses from SEC, DOJ, and FTC testifying (DOJ also made some other requests that I hope to return to).

Effectively, the civil agencies want to create some kind of court order that will provide them access to stored content. A number of the agencies’ witnesses — especially SEC’s Andrew Ceresney — claimed that a warrant is the same as an order, which culminated in Sheldon Whitehouse arguing (after 45:30) that an order requiring court review is actually less intrusive than a warrant because the latter is conducted ex parte.

It took until CDT policy counsel (and former ACLU lawyer) Chris Calabrese to explain why that’s not true (after 2:08):

We have conflated two really different and very different things in this committee today. One is a court, some kind of court based on a subpoena and one is a probable cause warrant. These are not the same thing. A subpoena gives you access to all information that is relevant. As pursuant, relevant to a civil investigation, a civil infraction. So if you make a mistake on your taxes, that’s a potential civil infraction. Nothing that has been put forward by the SEC would do anything but be a dramatic expansion of their authority to get at ordinary people’s in-boxes. Not just the subjects of investigation, but ordinary folks who may be witnesses. Those people would have the–everything in their in-boxes that was relevant to an investigation, so a dramatic amount of information, as opposed to probable cause of evidence of a crime. That’s a really troubling privacy invasion.

I’m utterly sympathetic with Calabrese’s (and the EFF’s) argument that the bid for some kind of civil investigative order is a power grab designed to bypass probable cause.

But I wonder whether there isn’t another kind of power grab going on as well — a bid to force banks to be investigated in a certain kind of fashion.

It was really hard, to begin with, to have former and (presumably) future Debevoise & Plimpton white collar defense attorney Andrew Ceresney to talk about how seriously SEC takes it job of  “the swift and vigorous pursuit of those who have broken the securities laws through the use of all lawful tools available to us,” as he said in his testimony and during the hearing. There’s just been no evidence of it.

Moreover, as Ceresney admitted, SEC hasn’t tried to obtain email records via an order since the US v. Warshak decision required a warrant in the 6th Circuit, even though SEC believes its approach — getting an order but also providing notice to the target — isn’t governed by Warshak. As SEC Chair Mary Jo White (another revolving door Debevoise & Plimpton white collar defense attorney) said earlier this year,

“We’ve not, to date, to my know­ledge, pro­ceeded to sub­poena the ISPs,” White said. “But that is something that we think is a crit­ic­al au­thor­ity to be able to main­tain, done in the right way and with suf­fi­cient so­li­cit­ous­ness.”

For five years, the SEC hasn’t even tried to use this authority, all while insisting they needed it — even while promising they would remain “solicitous,” if there were any worries about that.

Claims that the SEC needed such authority might be more convincing if SEC was actually pursuing crooks, but there’s little evidence of that.

Which is why I’m interested in this passage, from a letter White sent to Pat Leahy in April 2013 and appended to Ceresney’s testimony, explaining why SEC can’t have DOJ obtain orders for this material.

DOJ only has authority to seek search warrants to advance its own investigations, not SEC investigations. Thus, the Commission cannot request that the DOJ apply for a search warrant on the SEC’s behalf. Second, many SEC investigations of potential civil securities law violations do not involve a parallel criminal investigation, and thus there is no practical potential avenue for obtaining a search warrant in those cases. The large category of cases handled by the SEC without criminal involvement, however, have real investor impact, and are vital to our ability to protect- and, where feasible, make whole – harmed investors.

The only times when SEC would need their fancy new order is if the subject of an investigation refuses to turn information voluntarily, and the threat that they could obtain an order anyway is, according to Ceresney, they key reason SEC wants to maintain this authority (though he didn’t argue the apparent absence of authority has been responsible for SEC’s indolence over the last 5 years). But that act, refusing to cooperate, would get companies more closely into criminal action and — especially under DOJ’s purportedly new policy of demanding that companies offer up their criminal employees — into real risk of forgoing any leniency for cooperation. But White is saying (or was, in 2013, when it was clear Eric Holder’s DOJ wasn’t going to prosecute) that SEC can’t ask DOJ to subpoena something because that would entail a potentially criminal investigation.

Well yeah, that’s the point.

Then add in the presumption here. One problem with prosecuting corporations is they hide their crimes behind attorney-client and trade secret privileges. I presume that’s partly what Sally Yates meant in her new “policy” memo, noting that investigations require a “painstaking review of corporate documents … which may be difficult to collect because of legal restrictions.” SEC’s policy would be designed for maximal privilege claims, because it would involve the subject in the process.


If the legislation were so structured, an individual would have the ability to raise with a court any privilege, relevancy, or other concerns before the communications are provided by an ISP, while civil law enforcement would still maintain a limited avenue to access existing electronic communications in appropriate circumstances from ISPs.


Other criminals don’t get this treatment. Perhaps the problems posed by financial crime — as well as the necessity for broader relevancy based evidence requests — are unique, though I’m not sure I buy that.

But that does seem to be a presumption behind this SEC power grab: retention of the special treatment financial criminals get that has thus far resulted in their impunity.

The Inspectors General Bring Out the Space Heroes to Defend Full Access

John GlennA few weeks back, I noted that Office of Legal Counsel had finally released its opinion on whether DOJ had to share everything its Inspector General requested, or could hold things (and investigations) up until the Deputy Attorney General decided such disclosure would be in the interest of DOJ.

OLC ruled against the Inspector General, finding that rules limiting dissemination of wiretap, grand jury, and financial data required DOJ’s preferred arrangement, even given Congress’ recent appropriations instructions to give Inspectors General what they need.

Senators Chuck Grassley and Ron Johnson and Congressmen Bob Goodlatte and John Conyers expressed concern about the opinion when it was released. Grassley now has a hearing — titled “‘All’ Means All: The Justice Department’s Failure to Comply with Its Legal Obligation to Ensure Inspector General Access to All Records Needed for Independent Oversight” — tomorrow to address the issue.

In anticipation of that hearing, the Inspectors General have brought out the big guns.

First, retired Senator and space hero wrote a letter, reminding that the intent when he and others in Congress passed the Inspector General act in 1978, they intended IGs to get access to everything.

The success of the IG Act is rooted in the principles on which the Act is grounded–independence, direct reporting to Congress, dedicated staff and resources, unrestricted access to agency records, subpoena power, special protections for agency employees who cooperate with the IG, and the ability to refer criminal matters to the Department of Justice without clearing such referrals through the agency. We considered these safeguards to be vital when we developed the Act and they remain essential today.

In addition, yesterday the Council of the Inspectors General on Integrity and Efficiency sent a letter to Ron Johnson, Tom Carper, Jason Chaffetz, and Elijah Cummings asking for immediate legislation to fix the problem created by the OLC memo. In addition to expressing concern about the impact of the memo for DOJ’s Inspector General (that IG, Michael Horowitz, is Chair of CIGIE, so that’s sort of him reiterating his concerns), the other agency IG’s worried that the memo might affect their ability to conduct their own work, as well.

The OLC opinion’s restrictive reading of the IG Act represents a potentially serious challenge to the authority of every Inspector General and our collective ability to conduct our work thoroughly, independently, and in a timely manner. Our concern is that, as a result of the OLC opinion, agencies other than DOJ may likewise withhold crucial records from their Inspectors General, adversely impacting their work. Even absent this opinion, agencies such as the Peace Corps and the U.S. Chemical Safety and Hazard Investigation Board (CSB) have restricted or denied their OIGs access to agency records on claims of common law privileges or assertions that other laws prohibit access.


Uncertainty about the legal authority of Inspectors General to access all information in an agency’s possession could also negatively affect interactions between the staffs of the Offices of Inspector General and the agencies they oversee. Prior to this opinion, agency personnel could be confident, given the clear language of Section 6(a) of the IG Act, that they were required to and should share information openly with Inspector General staff, and typically they did so without reservation or delay. This led to increased candor during interviews, greater efficiency of investigations and other reviews, and earlier and more effective detection and resolution of waste, fraud, and abuse within Federal agencies. We are concerned that witnesses and other agency personnel, faced with uncertainty regarding the applicability of the OLC opinion to other records and situations, may now be less forthcoming and fearful of being accused of improperly divulging information. Such a shift in mindset also could deter whistleblowers from directly providing information about waste, fraud, abuse, or mismanagement to Inspectors General because of concern that the agency may later claim that the disclosure was improper and use that decision to retaliate against the whistleblower.

Neither FBI Director Jim Comey nor Deputy Attorney General Sally Yates are appearing at tomorrow’s hearing. FBI Associate Deputy Director Kevin Perkins and Associate Deputy Attorney General Carlos Uriarte have pulled the unpleasant duty of appearing on a panel with Horowitz. But I imagine Grassley intends tomorrow’s hearing to be rather aggressive.

DOJ Doesn’t Care What the Text of the Law or the 2nd Circuit Says, Dragnet Edition

Since USA F-ReDux passed JustSecurity has published two posts about how the lapse of Section 215 might create problems for the dragnet. Megan Graham argued that technically USA F-ReDux would have amended Section 215 as it existed in 2001, meaning the government couldn’t obtain any records but those that were specifically authorized before the PATRIOT Act passed. And former SSCI staffer Michael Davidson argued that a technical fix would address any uncertainty on this point.

DOJ, however, doesn’t much give a shit about what USA F-ReDux actually amends. In its memorandum of law accompanying a request to restart the dragnet submitted the night USA F-ReDux passed, DOJ asserted that of course Section 215 as it existed on May 31 remains in place.

Its brief lapse notwithstanding, the USA FREEDOM Act also expressly extends the sunset of Section 215 of the USA PATRIOT Act, as amended, until December 15, 2019, id.§ 705(a), and provides that, until the effective date of the amendments made by Sections 101through103, it does not alter or eliminate the Government’s authority to obtain an order under Section 1861 as in effect prior to the effective date of Sections 101through103 of the USA FREEDOM Act. Id.§ 109(b). Because the USA FREEDOM Act extends the sunset for Section 215 and delays the ban on bulk production under Section 1861until180 days from its enactment, the Government respectfully submits that it may seek and this Court may issue an order for the bulk production of tangible things under Section 1861 as amended by Section 215 of the USA PATRIOT Act as it did in docket number BR 15-24 and prior related dockets.

It cites comments Pat Leahy and Chuck Grassley made on May 22 (without, curiously, quoting either Rand Paul or legislative record from after Mitch McConnell caused the dragnet to lapse) showing that the intent of the bill was to extend the current dragnet.

While I think most members of Congress would prefer DOJ’s argument to hold sway, I would expect a more robust argument from DOJ on this point.

Likewise their dismissal of the Second Circuit decision in ACLU v. Clapper (which they say they’re still considering appealing). While it notes the Second Circuit did not immediately issue an injunction, DOJ’s base argument is weaker: it likes FISC’s ruling better and so it thinks FISC’s District Court judges should consider but ultimately ignore what the Second Circuit said.

The Government believes that this Court’s analysis of Section 215 reflects the better interpretation of the statute, see, e.g., In Re Application of the FBI for an Order Requiring the Production of Tangible Things, docket no. BR 13-109, Amended Mem. Op., 2013 WL 5741573 (FISA Ct. Aug. 29, 2013) (Eagan, J.) and In Re Application of the FBI for an Order Requiring the Production of Tangible Things, docket no. BR 13-158, Mem. (FISA Ct. Oct. 11, 2013) (McLaughlin, J.), disagrees with the Second Circuit panel’s opinion, and submits that the request for renewal of the bulk production authority is authorized under the statute as noted above.


The Government submits that this Court’s analysis continues to reflect the better reading of Section 1861.

This is where, incidentally, the flaccid report language attached to USA F-ReDux is so problematic. In a filing affirming the importance of legislative language, had the HJC report said something more than “Congress’ decision to leave in place the ‘‘relevance’’ standard for Section 501 orders should not be construed as Congress’ intent to ratify the FISA Court’s interpretation of that term,” DOJ might have to take notice of the language. But as it is, without affirmatively rejecting FISC’s opinion, the government will pretend it doesn’t matter.

I’m no more surprised with DOJ’s argument about the Second Circuit decision than I am its insistence that lapsing a bill doesn’t have legal ramifications.

But I would expect both arguments to make some effort to appear a bit less insolent. I guess DOJ is beyond that now.

Loretta Lynch: Not Enough Evidence to Charge HSBC Banksters

As part of her Questions for the Record, Attorney General nominee Loretta Lynch was asked about her role in the HSBC handslap in 2012. (See Q 38, h/t Katherine Hawkins)

38. As United States Attorney for the Eastern District of New York, you helped secure nearly $2 billion from HSBC over its failure to establish proper procedures to prevent money laundering by drug cartels and terrorists. You were quoted in a DOJ press release saying, “HSBC’s blatant failure to implement proper anti-money laundering controls facilitated the laundering of at least $881 million in drug proceeds through the U.S. financial system.”

You stated that the bank’s “willful flouting of U.S. sanctions laws and regulations resulted in the processing of hundreds of millions of dollars in [Office of Foreign Assets Control]-prohibited transactions.” Still, no criminal penalties have been assessed for any executive who may have been involved.

a. Did you make any decision or recommendation on charging any individual with a crime?

i. If so, please describe any and all decisions or recommendations you made.

ii. Please explain why such decisions or recommendations were made.

b. If you did not make any decision or recommendation on charging any individual with a crime, who made the decision not to prosecute?

RESPONSE: On December 11, 2012, the Department filed an information charging HSBC Bank USA with violations of the Bank Secrecy Act and HSBC Holdings with violating U.S. economic sanctions (the two entities are collectively referred to as “HSBC”). Pursuant to a deferred prosecution agreement (“DPA”), HSBC admitted its wrongdoing, agreed to forfeit $1.256 billion, and agreed to implement significant remedial measures, including, among other things, to follow the highest global anti-money laundering standards in all jurisdictions in which it operates. As the United States District Judge who approved the deferred prosecution found, “the DPA imposes upon HSBC significant, and in some respect extraordinary, measures” and the “decision to approve the DPA is easy, for it accomplishes a great deal.” Although grand jury secrecy rules prevent me from discussing the facts involving any individual or entity against whom we decided not to bring criminal charges, as I do in all cases in which I am involved, I and the dedicated career prosecutors handling the investigation carefully considered whether there was sufficient admissible evidence to prosecute an individual and whether such a prosecution otherwise would have been consistent with the principles of federal prosecution contained in the United States Attorney’s Manual.

I want to reiterate, particularly in the context of recent media reports regarding the release of HSBC files pertaining to its tax clients, that the Deferred Prosecution Agreement reached with HSBC addresses only the charges filed in the criminal violations of the Bank Secrecy Act for failures to maintain an adequate anti-money laundering program and for sanctions violations. The DPA explicitly does not provide any protection against prosecution for conduct beyond what was described in the Statement of Facts. Furthermore, I should note the DPA explicitly mentions that the agreement does not bind the Department’s Tax Division, nor the Fraud Section of the Criminal Division. information, which are limited to violations of the Bank Secrecy Act for failures to maintain an adequate anti-money laundering program and for sanctions violations. The DPA explicitly does not provide any protection against prosecution for conduct beyond what was described in the Statement of Facts. Furthermore, I should note the DPA explicitly mentions that the agreement does not bind the Department’s Tax Division, nor the Fraud Section of the Criminal Division. [my emphasis]

Lynch seems to want to have her cake and eat it too.

Sure, she and her prosecutors were unable to find the evidence in Carl Levin’s gift-wrapped case. But trust her, she seems to be saying, she might one day see fit to charge some warm bodies with fraud if she’s confirmed.

And note she makes no mention of material support for terrorism????

Because if you’re a bank, such things are legal, apparently.

Under Clapper’s Continuous Monitoring CIA Could Continuously Monitor SSCI on CIA Network

As I pointed out the other day, the CIA IG Report on spying on the Senate Intelligence Committee appears to say the egregious spying happened after John Brennan told Dianne Feinstein and Saxby Chambliss on January 15 CIA had been spying on SSCI.

Agency Access to Files on the SSCI RDINet:

Five Agency employees, two attorneys and three information technology (IT) staff members, improperly accessed or caused access to the SSCI Majority staff shared drives on the RDINet.

Agency Crimes Report on Alleged Misconduct by SSCI Staff:

The Agency filed a crimes report with the DOJ, as required by Executive Order 12333 and the 1995 Crimes Reporting Memorandum between the DOJ and the Intelligence Community, reporting that SSCI staff members may have improperly accessed Agency information on the RDINet. However, the factual basis for the referral was not supported, as the author of the referral had been provided inaccurate information on which the letter was based. After review, the DOJ declined to open a criminal investigation of the matter alleged in the crimes report.

Office of Security Review of SSCI Staff Activity:

Subsequent to directive by the D/CIA to halt the Agency review of SSCI staff access to the RDINet, and unaware of the D/CIA’s direction, the Office of Security conducted a limited investigation of SSCI activities on the RDINet. That effort included a keyword search of all and a review of some of the emails of SSCI Majority staff members on the RDINet system.

With that in mind, consider this passage of James Clapper’s July 25, 2014 response to Chuck Grassley and Ron Wyden’s concerns about Clapper’s new ongoing spying on clearance holders.

With respect to your second question about monitoring of Members of Congress and Legislative Branch employees, in general those individuals will not be subject to [User Activity Monitoring] because their classified networks are not included in the definition of national security systems (NSS) for which monitoring is required.


Because no internally owned or operated Legislative branch network qualifies as a national security system, UAM by the Executive Branch is accordingly neither required nor conducted. To be clear, however, when Legislative Branch personnel access a national security system used or operated by the Executive Branch, they are of course subject to UAM on that particular system.

CIA’s spying on SSCI took place on CIA’s RDI network, not on the SSCI one. SSCI had originally demanded they be given the documents pertaining to the torture program, but ultimately Leon Panetta required them to work on a CIA network, as Dianne Feinstein explained earlier this year.

The committee’s preference was for the CIA to turn over all responsive documents to the committee’s office, as had been done in previous committee investigations.

Director Panetta proposed an alternative arrangement: to provide literally millions of pages of operational cables, internal emails, memos, and other documents pursuant to the committee’s document requests at a secure location in Northern Virginia. We agreed, but insisted on several conditions and protections to ensure the integrity of this congressional investigation.

Per an exchange of letters in 2009, then-Vice Chairman Bond, then-Director Panetta, and I agreed in an exchange of letters that the CIA was to provide a “stand-alone computer system” with a “network drive” “segregated from CIA networks” for the committee that would only be accessed by information technology personnel at the CIA—who would “not be permitted to” “share information from the system with other [CIA] personnel, except as otherwise authorized by the committee.”

It was this computer network that, notwithstanding our agreement with Director Panetta, was searched by the CIA this past January,

Presumably, those limits on access should have prevented CIA’s IT guys from sharing information about what SSCI was doing on the network. But it’s not clear they would override Clapper’s UAM.

Remember, too, when Brennan first explained how this spying didn’t qualify as a violation of the Computer Fraud and Abuse Act, he said CIA could conduct “lawfully authorized … protective … activity” in the US. Presumably like UAM.

I have no idea whether this explains why CIA’s IG retracted what Feinstein said had been his own criminal referral or not. But I do wonder whether the CIA has self-excused some of its spying on SSCI in the interest of continuous user monitoring?

If so, it would be the height of irony, as UAM did not discover either Chelsea Manning’s or Edward Snowden’s leaks. Imagine if the only leakers the Intelligence Community ever found were their own overseers?

Chuck Grassley: Insider Threat Program Poses Threat to Whistleblowers

Chuck Grassley rarely gets the credit he deserves for championing whistleblowers. But, while there have been notable exceptions, Grassley has long defended both generalized protections for whistleblowers, as well as whistleblowers themselves.

Yesterday, he gave a long speech on the Whistleblower Protection Act. As part of it, he laid out a number of ways President Obama’s Insider Threat detection program threatened whistleblowers.

He described how the FBI has refused to explain whether Insider Threat Program training adequately distinguishes between whistleblowers and inside threats. Just last week, FBI walked out in the middle of a briefing for Grassley and Pat Leahy!

Meanwhile, the FBI fiercely resists any efforts at Congressional oversight, especially on whistleblower matters.  For example, four months ago I sent a letter to the FBI requesting its training materials on the Insider Threat Program.  This program was announced by the Obama Administration in October 2011.  It was intended to train federal employees to watch out for insider threats among their colleagues.  Public news reports indicated that this program might not do enough to distinguish between true insider threats and legitimate whistleblowers.  I relayed these concerns in my letter.  I also asked for copies of the training materials.  I said I wanted to examine whether they adequately distinguished between insider threats and whistleblowers.

In response, an FBI legislative affairs official told my staff that a briefing might be the best way to answer my questions.  It was scheduled for last week.  Staff for both Chairman Leahy and I attended, and the FBI brought the head of their Insider Threat Program.  Yet the FBI didn’t bring the Insider Threat training materials as we had requested.  However, the head of the Insider Threat Program told the staff that there was no need to worry about whistleblower communications.  He said whistleblowers had to register in order to be protected, and the Insider Threat Program would know to just avoid those people.

Now I have never heard of whistleblowers being required to “register” in order to be protected.  The idea of such a requirement should be pretty alarming to all Americans.  Sometimes confidentiality is the best protection a whistleblower has.  Unfortunately, neither my staff nor Chairman Leahy’s staff was able to learn more, because only about ten minutes into the briefing, the FBI abruptly walked out.  FBI officials simply refused to discuss any whistleblower implications in its Insider Threat Program and left the room.  These are clearly not the actions of an agency that is genuinely open to whistleblowers or whistleblower protection.

Grassley raises concerns that the monitoring of intelligence community employees will help the IC track whistleblowers who communicate properly to Congress.

Like the FBI, the intelligence community has to confront the same issue of distinguishing a true insider threat from a legitimate whistleblower.  This issue could be impacted by both the House- and Senate-passed versions of the intelligence authorization.  Both include language about continuous monitoring of security clearance holders, particularly the House version.

Director of National Intelligence James Clapper seems to have talked about such procedures when he appeared before the Senate Armed Services Committee on February 11, 2014.  In his testimony, he said:

We are going to proliferate deployment of auditing and monitoring capabilities to enhance our insider threat detection.  We’re going to need to change our security clearance process to a system of continuous evaluation. . . .  What we need is . . . a system of continuous evaluation, where . . . we have a way of monitoring their behavior, both their electronic behavior on the job as well as off the job, to see if there is a potential clearance issue. . . .

Director Clapper’s testimony gives me major pause.  It sounds as though this type of monitoring would likely capture the activity of whistleblowers communicating with Congress.

Continue reading

The “McCain Committee” Would Be Full of NSA Defenders

Imagine a McCain Committee as the inheritor of the tradition of Frank Church and Otis Pike.

(Yes, I did that to make bmaz’ head explode.)

That seems to be what John McCain intends with his resolution calling for a Committee to Investigate the Dragnet. (h/t Steven Aftergood)

Only, McCain proposes to investigate not just whether NSA has engaged in things it was not authorized to do. But also to investigate Snowden’s leaks themselves and the potential role of contractors in making leaks more likely.

All that said, I might be excited about McCain’s proposal to review the dragnet, as described:

(3) The nature and scope of National Security Agency intelligence-collection programs, operations, and activities, including intelligence-collection programs affecting Americans, that were the subject matter of the unauthorized disclosure, including–

(A) the extent of domestic surveillance authorized by law;

(B) the legal authority that served as the basis for the National Security Agency intelligence-collection programs, operations, and activities that are the subject matter of those disclosures;

(C) the extent to which such programs, operations, and activities that were the subject matter of such unauthorized disclosures may have gone beyond what was authorized by law or permitted under the Constitution of the United States;

(D) the extent and sufficiency of oversight of such programs, operations, and activities by Congress and the Executive Branch; and

(E) the need for greater transparency and more effective congressional oversight of intelligence community activities.

There’s just one problem with McCain’s proposal.

Here’s the list of the people who would be on the Committee (he provides titles, I’m providing names):

  • Diane Feinstein
  • Saxby Chambliss
  • Carl Levin
  • Jim Inhofe
  • Tom Carper
  • Tom Coburn
  • Robert Menendez
  • Bob Corker
  • Pat Leahy
  • Chuck Grassley
  • Jello Jay Rockefeller
  • John Thune
  • A Harry Reid pick
  • A Mitch McConnell pick

There are a number of very big NSA defenders on this list — in addition to DiFi and Saxby, both Jello Jay and Coburn are Intel Committee members who have never questioned the dragnet (indeed, Coburn has called for getting rid of the controls on the phone dragnet!). Chuck Grassley, too, has generally been supportive of the dragnet in SJC hearings on the subject. Most of the rest are simply not the caliber of people who might critically assess the dragnet much less show real interest in Americans’ privacy. Only Carl Levin and Pat Leahy, alone among the 12 named members, have been explicitly skeptical of the dragnet at all.

McCain proposes a Select Committee to investigate the dragnet. And he proposes to fill it with people who are really happy with the dragnet as it currently exists.

Update: Just to give a sense of how terrible this make-up for a Select Committee is, compare it with the bipartisan list of 26 Senators who asked James Clapper for more information on other uses of Section 215 last June. Just one Senator from that list — Pat Leahy — would be on McCain’s committee.

Update: Haha! Via Matt Sledge, DiFi shot McCain’s idea down pretty quickly.

The Dog Ate Charles McCullough’s Homework

Let’s take the narrative the Federal Government wants to tell us about the Boston Marathon attack.

Both FBI and CIA got tips from Russia in early- and mid-2011 implicating Tamerlan Tsarnaev in extremism which FBI, which appropriately has jurisdiction, investigated and entered into the relevant databases accessible to Joint Terrorism Task Force partners.

Later that year, the government alleges (based on the word of a guy they killed immediately thereafter), Tamerlan and Ibragim Todashev — and possibly Tamerlan’s brother Dzhokhar — knifed three friends and associates to death on 9/11 while they waited for pizza from a place the brothers may have once worked; while several of the people on both sides of that killing were involved in selling drugs, the presumed motive for that killing (especially given the date) pertains to Islamic extremism, not a drug and money dispute, in spite of or perhaps because of the pot and money left at the scene. After the killing, Tamerlan disappeared from the scene in Cambridge and was never interviewed by the cops. Senate Intelligence Committee members allege Russia passed on another warning about Tamerlan after October 2011, though the FBI insists it kept asking for more information to no avail.

The next year, Tamerlan left for Russia and Chechnya and Dagestan, but the Homeland Security dragnet missed him because Aeroflot misspelled his name (an issue that contributed to their missing the UndieBomb, too; Russia’s original tip to the FBI had gotten his birthdate wrong). While in Russia, Tamerlan met a bunch of Chechen extremists, several of whom were killed shortly after he met them. Then, Tamerlan returned to Boston, and he and his brother made some bombs out of pressure cookers and fireworks in his Cambridge flat (testimony of their cab driver notwithstanding), and then set them off near the finish line of the Boston Marathon, killing 3 and maiming hundreds.

In spite of the thousands of videos of the event, FBI’s prior investigation, and immigration records on the brothers including pictures, the government’s facial recognition software proved unable to find them (in spite of claims “FBI” officials were asking around Cambridge already), so the government released their pictures and set off a manhunt that resulted in Tamerlan’s death and the arrest of Dzhokhar.

That’s the story, right?

Two weeks after the attack, James Clapper tasked the Intelligence Community Inspector General, Charles McCullough, with investigating the attack to see if it could have been prevented (note, after the 2009 UndieBomb attack, the Senate Intelligence Committee conducted such an investigation but I’ve heard no peep of them doing so here). Also involved in that investigation are DOJ, DHS, and CIA’s IG, but not NSA’s IG, in spite of the fact that the Russians, at least, reportedly intercepted international texts implicating Tamerlan in planning jihad (though there’s no reason to believe the non-US side of those texts — a family member of the brothers’ mother — would have been a known CT target). (Note that, even as McCullough has been conducting this investigation, which ultimately involves information that has been leaked to the press, James Clapper has him conducting investigations into unauthorized leaks — does anyone else see the huge conflict here???)

Back on September 19 (perhaps not coincidentally the day after Ibragim Todashev’s friend Ashurmamad Miraliev was arrested in FL and questioned for 6 hours without a lawyer), McCullough wrote Congress to tell them that because “information relevant to the review is still being provided to the review team,” the review would be indefinitely delayed.

According to the BoGlo, McCullough is offering a new excuse for further delay: the shutdown.

Officials said the shutdown has hampered various agencies’ ability to conduct interviews, undertake research, or pay support personnel who are responsible for reviewing the operations of the government’s terrorism databases before the Marathon attack and determining whether information on the bombing suspects was properly handled.


Last month congressional oversight communities were informed that while officials were “working diligently” to complete the review, the process of interviewing counter-terrorism officials and reviewing computer files had turned out to be more challenging than expected. McCullough, the intelligence community’s inspector general, said at the time that “information relevant to the review is still being provided to the review teams.”

A senior Senate staffer, who was not authorized to speak publicly, said briefings recently scheduled for intelligence officials to brief key congressional committees on the progress of the review were canceled.

So here we are over 6 months after the attack, and an inquiry purportedly reviewing whether our CT information sharing (led by the National Counterterrorism Center, which reports to Clapper, to whom McCullough also reports as a non-independent IG) did what it was supposed to, is still having trouble reviewing the actual databases (!?!?), ostensibly because they had to furlough the support people doing that rather than allow them to figure out how to fix problems to prevent the next terrorist attack. (Remember, James Clapper testified he had furloughed 70% of civilian IC staff, to the shock of Chuck Grassley and others.)

Perhaps that’s the problem. Perhaps it is the case that in 6 months time, IC support personnel had not yet been able to access and assess the database counterterrorism professionals are expected to monitor and respond to almost instantaneously. If that is the case, it, by itself, ought to be huge news.

Or perhaps there’s something about the Waltham investigation that has made it newly embarrassing that warnings before and — if blathery Senators are to be believed — after the murders didn’t focus more attention on Tamerlan Tsarnaev.

Half the LOVEINT Violations Committed by Non-NSA Employees

Screen shot 2013-09-26 at 9.14.52 PM

Chuck Grassley just released a summary of violations of NSA authority he requested back in August.

The data is pretty meaningless. As I have shown, NSA’s own internal reporting shows about 9% (and up to 20% in some categories) of its violations are “due diligence” violations, which are violations of rules that an analyst knows (human error, intelligence error, and training are treated as distinct violations). If today’s hearing was any indication, the Senate Intelligence Committee seems to have no understanding that 9% of all violations are willful violations of rules.

All that said, of the 12 incidents the NSA reported (there are 3 incidents still under investigation), fully half appear to be committed by members of different agencies (though one of those was a military person reported to NSA). That’s a lot of other agency personnel abusing SIGINT authorities they’re granted access to.

And note, DOJ has never prosecuted any of these. In just about all cases where DOJ gets a referral, the person resigns before being charged. The UCMJ does better — DOD has punished two people.

OLC’s Overseers Will Get to See Their Handiwork

The Hill reports that the Senate Judiciary Committee will get to read the Office of Legal Counsel memos authorizing the targeting of Anwar al-Awlaki tomorrow.

Committee Chairman Patrick Leahy (D-Vt.) told The Hill that he and other members of the panel will be given access to the detailed Office of Legal Counsel (OLC) memos, which lay out the administration’s legal support for targeting U.S. citizens who are suspected of being terrorists, pose an “imminent threat” to U.S. national security and for whom capture is not an option.

On Tuesday Leahy said the administration was planning to make documents available for committee members to read on Capitol Hill on Wednesday.

Sen. Chuck Grassley (R-Iowa), the panel’s ranking member, is also planning to attend, according to his spokeswoman.

It appears that this will be one of those quickie reviews, where Senators are not allowed to share with lawyers who will conduct more in-depth analysis.

Also no word on whether the House Judiciary Committee will laso get to glimpse these memos.

They really don’t want people to really scrutinize these memos, I guess.

1 2 3 5
Emptywheel Twitterverse
bmaz @joanwalsh @PPact Terrible. But fear and loathing is their game. Don't accept or give in.
bmaz @speedbudget @Beyerstein There are plenty of very smart people who disagree with me, but from my experience in crim justice system, yes.
bmaz @speedbudget @Beyerstein None of this is about "extra penalties". It is about extra govt leverage and investigatory/surveillance abilities.
bmaz @speedbudget @Beyerstein ...which with sentencing enhancements is effectively life in prison. How much more can you give an adult human??
bmaz @speedbudget @Beyerstein Think about it: 1st degree murder is either life or death penalty. Even armed kidnapping/robbery is 2nd degree
bmaz @speedbudget @Beyerstein It gives the govt better leverage against suspects/defendants, and WAY more invasive tools+rules to investigate.
bmaz @speedbudget @Beyerstein No. For instance in both Dylan Roof+Dear in CO, both are 1stdegree/capital crimes already. What does terrorism add?
emptywheel @KevinBuist Damnit! I'm entering with a Ted Cruz doll and a bunch of colorful condoms. Right outside the carousel.
emptywheel @KevinBuist Can we put him in the river? We need river exhibits back!
emptywheel @KevinBuist Ohhh. The tradeoff of getting him in a winning venue w/some more appropriate church setting.
emptywheel @KevinBuist Maybe you can get him to be an exhibit in Art Prize next year.
JimWhiteGNV RT @CJonesScout: Three #Gators in the top eight of PG's college MLB Draft rankings.
December 2015
« Nov